Slashdot Mirror

cpfeifer writes "Building browser-based java applications has involved a mixed bag of server side technologies (servlets, JSPs), client side technologies (HTML, Javascript) and frameworks (webmacro, Struts, Taglibs, Velocity). As these technologies appeared and matured, "The Right Way" (tm) to build web applications evolved to be an application of the classic model-view-controller pattern." Below is Craig's review of Struts in Action, a book which attempts to illustrate a successful path to making sure that web applications are designed the right way. Struts in Action author Husted, Dumoulin, Franciscus, Winterfeldt pages 630 publisher Manning rating (11/10) it goes to 11 reviewer Craig Pfeifer ISBN 1930110502 summary More than just a book about how to use the Struts framework, covers the best practices of web application design and development. If you are building a java web application of any appreciable size, YOU NEED THIS BOOK.

What's Needed So it is generally acknowledged that using the MVC pattern is the proper way to build web applications, but with the large number of technologies and frameworks it can be a long road to figure what is the best solution for your application. What we need is a book that covers the best practices of web application design and development from both a technology/architecture perspective, and is written by a few folks who have deep understanding of the underlying problems of building robust web applications.

That's what I love the most about this book, it doesn't just talk about how to configure and develop with Struts. It's a web application manifesto. Anyone can write a book about how to use Struts to build a web application. That's not the point. This book is ~8 people-years worth of first-hend developer knowledge (4 authors x ~2 years of working on the Struts project) condensed down into 630 pages. It doesn't just teach you how to use Struts (and Velocity and Taglibs and Tiles), but why you should use them. That's the most important thing this book has to offer. If your project is looking at using Struts & other Jakarta technologies, you need this book. If your project is currently using Struts & other Jakarta technologies, you need this book.

What's Bad?

The Velocity coverage is pretty light. If you are more comfortable building logic with a quasi-shell script language instead of using markup tags, then you should look to the project's documentation for further reference before embarking on a prototype. The Jakarta Lucene project, is touched on in the sample application they build, but are left as an exercise for the reader to investigate. While it's good to bring in related technologies to flesh out your sample apps, you have to be careful not to get sidetracked from the primary topic. You could easily write several books about the other components developed by the Jakarta project.

What's Good?

The best part is that the 4 authors are all Struts authorities (one Jakarta project manager, 2 Struts committers, one principal consultant), so they know Struts and the other Jakarta web frameworks inside and out. More than that, these guys have been solving the problems involved with web applications for several years now. They have deep experience in the patterns and best practices of building robust and flexible web applications, and this book passes on their experiences to the reader.

So What's In It For Me?

With this book and a little bit of effort on your part, you will be a competent Java web application developer. With a little bit more effort, you will become a Java web application architect. It's worth the extra effort. This is a tremendous book that will set the standard for web application references and will continue to be useful for years to come. It reminds me of the first Manning book I read, Neward's Server-Based Java Programming in terms of it's scope. approach and usefulness.

You can purchase Struts in Action from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

danny writes "Kenneth McNamara's Shapes of Time is a popular study of the role of growth and development in evolution, following in the footsteps of Stephen Jay Gould's influential Ontogeny and Phylogeny. Read on for my review of Shapes of Time." Shapes of Time: the Evolution of Growth and Development author Kenneth J. McNamara pages 342 publisher John Hopkins University Press rating 9 reviewer Danny Yee ISBN 0801855713 summary evolutionary changes in the timing of developmental features and in rates of growth

Many popular books on evolution ignore or downplay the role of growth and development, of ontogeny. But in Shapes of Time Kenneth McNamara's focus is on heterochrony, on evolutionary changes in the timing of developmental features and in rates of growth. As he puts it:

"evolution is not only about genetics and natural selection. Just as crucial are the changes in the timing and rate of development, with the three, genetics, heterochrony, and natural selection, forming an interdependent evolutionary triumvirate."

Heterochrony constrains natural selection; it also provides it with raw material, allowing small genetic changes to have big phenotypic effects.

Ideas about the relationship between ontogeny and phylogeny (evolutionary history) have changed over the last few centuries, with notions of recapitulation and paedomorphosis going in and out of fashion. McNamara's outline of this covers Ernst Haeckel, Karl Ernst von Baer, and Walter Garstang, ending with Stephen Jay Gould, from whose Ontogeny and Phylogeny he takes the terminology for different kinds of heterochrony. The basic division is into paedomorphosis (less growth) and peramorphosis (more growth). These can each take three forms: paedomorphosis can be the result of progenesis (finishing early), neoteny (slower growth rate), and postdisplacement (starting late), while peramorphosis can result from predisplacement (starting early), acceleration (greater growth rate), and hypermorphosis (finishing late).

That's a lot of technical terms, but don't let them scare you away - the bulk of Shapes of Time consists of lively and engaging examples of heterochrony, taken from across the animal kingdom, from dogs and humans to invertebrates (McNamara is an invertebrate paleontologist), which help both to explain those terms and to fix them in the memory. But first McNamara presents a little bit of developmental biology, covering the stages of neofertilization, differentiation and growth, touching on Hox genes and morphogens, and mechanisms of organ and appendage formation. This is enough background for the higher level (zoological and ecological and paleontological) survey that follows, but may be frustratingly slender for those after more, after a better understanding of the developmental biology behind heterochrony.

McNamara begins his tour of heterochrony with dog varieties - even looking at paedomorphosis in depictions of Snoopy in Peanuts cartoons - and examples from insects and salamanders. Heterochrony is "all-pervasive" in the generation of sexual dimorphism, from simple size differences to extreme cases with males that are little more than "parasitic" sperm sacs. And heterochrony can play a key role in speciation, often combining with environmental gradients to separate populations; examples include Darwin's finches, brachiopods, and bushbucks.

Are some forms of heterochrony more common than others in particular lineages? In some cases paedomorphism seems unusually common, notably among the amphibians (axolotls are paedomorphic salamanders, for example); McNamara also looks at paedomorphism in lungfish, cats, and various invertebrates and at connections with genome and cell size. In other cases peramorphosis seems to dominate: a dramatic example is the combination of hypermorphosis and acceleration that produced increasing size in dinosaur lineages, but Cope's rule suggests that size tends to increase more generally. More common is the mixing of peramorphism and paedomorphism, acting on different features and subject to "trade-offs": examples here come from the evolution of wings (and of flightlessness) and tetrapod limbs, with a brief glance at the origin of turtle shells.

Heterochronic mechanisms enable the adaptation of life cycles to different environments: hypermorphosis and neoteny are more common in stable environments ("K-selected") and progenesis and acceleration in unpredictable ones ("r-selected"). Heterochronic changes can be driven by biological "arms-races", with a clear example in the evolution of sea urchins in response to predation by cassids (marine snails). And heterochrony has played a key role in human evolution, where McNamara highlights peramorphic features against a tradition which has stressed paedomorphism.

McNamara sometimes appears to reduce the significance of ontogeny in evolution to heterochrony, when it is actually considerably broader. There are ontogenetic constraints and processes other than those of timing and rate: biophysical and biochemical limits, ways in which novel proteins or cell types arise, and self-assembly and exploration allowing "adaptive" development, to list just a few. If there is a "triumvirate" that rules evolution it has to be "genetics, ontogeny, and natural selection". Still, there's no doubting that heterochrony is one of the key links between ontogeny and phylogeny - at least not after reading Shapes of Time.

You might like to check out Danny's other evolution, developmental biology, and popular science reviews. You can purchase Shapes of Time from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

rcr1001 writes "Turning Numbers into Knowledge (TNIK) is an entertaining and readable primer on practical problem solving. TNIK is about structured analytical thinking and Slashdot readers interested in improving the quality of their critical thinking skills should consider learning from this book." Read on for the complete review. Turning Numbers into Knowledge: Mastering the Art of Problem Solving author Jonathan G. Koomey, PhD pages 221 publisher Analytics Press rating 9 reviewer rcr1001 ISBN 0970601905 summary A guide to mastering the art of problem solving

An overview: TNIK is one of those rare books that is simple in its presentation and quietly leaves a deep understanding of its topic. Chapters read like common-sense and jibe with everyday experience in a satisfying way. Koomey is a masterful analyst who has distilled his years of experience into a well-thought-out, well-written book on the "art of problem solving." Koomey's tone is conversational and succeeds in making a potentially dry topic interesting and relevant through genuine insight, clear prose, and real-world examples.

TNIK is divided into 5 sections containing a total of 38 chapters. The chapters are easily digested. The book can be read equally well straight-through or in bites here and there as interests warrant -- in fact, Koomey uses icons in page margins to cross-reference chapters encouraging the reader to jump around if a thread seems particularly interesting.

See table of contents at bottom for more information on content -- the chapters are small enough that the ToC provides an excellent summary of the territory covered in the book. Also, here are some sample chapters online.

Why Recommend a Book about Problem Solving on Slashdot:
While I consider myself more of an analyst than a programmer, I've written a fair amount of code in support of data analysis (mostly perl and sql). I've benefitted invaluably from books recommended on Slashdot that I wouldn't have known to pick up or notice otherwise. I thought this book might be similarly useful to others who were interested in improving their problem solving skills and/or analytical approach. This book is the The Practice of Programming of the practice of problem solving.

What I Enjoyed About the Book:

I have read TNIK twice and used it as a reference on many occasions. Reading it has helped me retool my approach to analysis in a broad way (getting more organized, becoming more cynical about "official" analysis, questioning my own analysis more deeply, and developing different analytical scenarios all come to mind), pointed me to other excellent references, and most importantly, always helped me with whatever problem I'm currently working on. I tend to pull it off the shelf when I'm starting a big project and it has been an easy way to gain inspiration.

Other Good Stuff:
There is an outstanding "Further Reading" section which is essentially an annotated bibliography of recommended books organized by topic. There are many, many excellent books in this section and each listing contains a short description by Koomey as to why he recommends them.

Each chapter begins and ends with a quote relevant to the chapter topic and lots of humorous comic strips (Calvin and Hobbes, Dilbert, New Yorker, etc.) relevant to the chapter throughout the text serve as comic relief.

A Note on the Publisher:
This book is published by Analytics Press in Oakland CA. Individual copies are available through Amazon or Barnes and Noble.com. Ordering options here.

Conclusion:
This book is on par with Edward Tufte's influential Graphical Explanations (which amazingly hasn't been reviewed on this site yet!) The beauty of the book is in its elegant coverage of so many topics in such a short space. This book is a road map to great analysis and it behooves anyone interesting in improving their skills to take advantage of it, and judging by the amount of bad analysis created on a daily basis, it deserves a spot on many bookshelves! Other reviews are here.

Table Of Contents:

1. Part I: Things to Know
2. Beginner's Mind
3. Don't be Intimidated
4. Information, Intention, and Action
5. Peer Review and Scientific Discovery

   Part II: Be Prepared

6. Explore Your Ideology
7. Get Organized
8. Establish a Filing System
9. Build a Toolbox
10. Put Facts at Your Fingertips
11. Value your Time

    Part III: Assess their Analysis

12. The Power of Critical Thinking
13. Numbers Aren't Everything
14. All Numbers Are Not Created Equal
15. Question Authority
16. How Guesses Become Facts
17. Don't Believe Everything You Read
18. Go Back to the Questions
19. Reading Tables and Graphs
20. Distinguish Facts from Values
21. The Uncertainty Principle and the Mass Media

    Part IV: Create Your Analysis

22. Reflect
23. Get Unstuck
24. Inquire
25. Be a Detective
26. Create Consistent Comparisons
27. Tell a Good Story
28. Dig into the Numbers
29. Make a Model
30. Reuse Old Envelopes
31. Use Forecasts with Care
32. Hear All Sides

    Part V: Show your Stuff

33. Know Your Audience
34. Document, Document, Document
35. Let the Tables and Graphs Do the Work
36. Create Compelling Graphs and Figures
37. Create Good Tables
38. Use Numbers Effectively in Oral Presentations
39. Use the Internet

    Conclusion: Creating the Future

    Further Reading
    Notes
    Index
    

You can purchase Turning Numbers into Knowledge from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Jason Bennett writes "The Java Developer's Almanac is an interesting cross-breed of a book. On one hand, it's a reference book for the entire Java 1.4 API, complete with a listing for every method in every class in the API. On the other hand, it's a mini-tutorial, as it comes with myriad examples of how to use various Java classes. In the end, though, it's a book geared toward the advanced Java developer, especially one facing a new part of the API who needs a little guidance." Read on for his review. Java Developers Almanac 1.4 Vol. 1 author Patrick Chan pages 1007 publisher Addison Wesley rating 7/10 reviewer Jason Bennett ISBN 0201752808 summary A concise reference to every class and method in Java 1.4, with examples for many.

What's the Book About?

The Almanac is divided into four main parts: packages, which covers every package in the core Java distribution, with the exceptions of the AWT, Swing, and printing; classes, which lists every class in alphabetical order, including all of its methods and fields; topics, which details the changes between each version of Java; and cross-reference, which allows you to look up every class, interface, and member type in Java 1.4.

Section 1, the package list, gives you every package in Java 1.4, every class inside those packages, the top-level description of the classes (from Sun's JavaDoc), a note of what JDK version the class was born in, an abstract/final indicator, and a hierarchy of the classes in the package. If this were all, it might be a nice, basic Java reference.

In addition to the strict listing, however, are hundreds of examples of how to use the classes; some basic, some obvious, and some you probably haven't seen.

The examples are extremely handy, if only to point out various utilities included with Java that you might otherwise not know about. With over 500 examples in the book, there's probably one you haven't seen or want to understand better.

There's also a website with all the code available at javaalmanac.com, so you don't have to type in every example you want to use in your code.

Section 2 provides a listing of every class in the covered packages in alphabetical order, along with all the signature of every public method in those classes. The book also cross-references every example in part 1 for each method. So, if you want to know how to better use ResultSet.afterLast(), you only need find the ResultSet class, and next to the afterLast() method are the two examples that use that method. With this easy organization, it's very straightforward to find any example you're looking for.

Part 3 goes through every major JDK release, starting at 1.0, and tells you everything you could possibly want to know about that release. You can find a statistical analysis of each release, including how many packages, classes, and members there are, how many classes in each package, new and removed classes and methods, deprecations, and all defined exceptions. I've certainly never seen a better or more compact reference on the differences between the JDKs.

Finally, part 4 gives a complete cross-reference for every class, interface and member mentioned. If you want to find every class that throws a ParseException, this is the place to find it.

What's Bad?

The one bad thing that strikes me about this book is actually just a simple question: Why should I use it when most of this information is at my fingertips in an IDE? Sun's JavaDoc is nicely thorough, and includes most everything in this book, the examples being a notable exception. Parts 3 and 4, of course, are not at all included in the JavaDoc, but I'm not sure how often I might need those sections.

So What's In It For Me?

If you're a down-and-dirty professional Java programmer, this book may very well be useful to you. The examples are quite handy, and as a reference to Java, it covers most anything you might need. Much of the information in the last two sections is hard to find in one coherent compilation. At $25 MSRP, it's an excellent value for all the information packed into the book.

Table of Contents

1. Preface
2. Part 1: Packages
3. Part 2: Classes
4. Part 3: Topics
5. Part 4: Cross-reference

You can purchase Java Developers' Almanac 1.4 Vol. 1 from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Mirko Zorz writes "Internet Site Security - what a name for a book. When I first heard about it I was thinking: '1400 pages, 6 CDs,' but when the book came and I began to read through it, I realized how much good information the authors were able to fit into just over 400 pages. We all want 'big books' but with this one, the authors take a somewhat different approach, one that is less connected to software versions and that will endure in time. But, before we get into the core of the book, let's take a look at the people behind it." Mirko's review continues below. Internet Site Security author Erik Schetina, Ken Green and Jacob Carlson pages 432 publisher Addison Wesley rating 8 reviewer Mirko Zorz ISBN 0672323060 summary This book manages to shed new light on the problems of security implementation; a good gift idea for both your IT manager and your system administrator.

About the authors

Erik Schetina, CISSP, is the CTO for TrustWave Corporation. He spent 14 years with the U.S. Department of Defense developing information security systems and public key cryptosystems. Jacob Carlson is a senior security engineer for TrustWave Corporation. His primary role is leading the penetration testing and vulnerability assessment team. In his copious free time he likes breaking things and writing code. Ken Green is a senior security engineer for TrustWave Corporation where he works extensively on intrusion detection systems, firewalls, and virtual private network initiatives.

When you read biographies like the ones above you can be somehow reassured that the content of the book is good. All of the authors come from TrustWave Corporation and the fact that they work together has influenced the writing of this book, in a very good way.

The basics

At the very beginning of the book the authors show us that the starting point of building a secure environment is not the implementation of a solution but rather the defining of the assets we want to protect. You have to know what's a threat to your assets in order to choose the best security solution.

The authors manage to successfully illustrate how different things such as system administration, policy and audits fit into an overall security plan. Through the book, the authors educate the reader by making sure he sees "the big picture." The bottom line is that "the transition from a techie to a security professional consists in the recognizing the importance of all the components of security." In the second chapter some great material is covered: description of the security process, assessment and policy, asset protection, monitoring and detection.

Which one is better?

When describing the way things can be done, the authors always give you the pros and the cons. For example, at one point they describe the difference when using commercial scanners in penetration testing compared to using a team of people who will do it by hand. They provide good pros and cons for both ways, and that's one of the great things about this book, you always get to look at the other side of the coin.

The insecurities

What we all know is that the Internet is inherently insecure -- that's why this book was published in the first place. The authors explain why it's insecure, who administers it and how it works. Some of the topics presented here are: an overview of TCP/IP, the Domain Name Service (DNS), Whois databases, anonymity, and much more.

History is also present in this book. Chapter 4 begins with a brief overview of the history of the Internet and the TCP/IP protocol suite. Also mentioned is the Morris Worm (November 1998). As we move on, the DNS is explained in greater detail (with some security issues addressed specifically), and we are slowly presented with an abundance of technical details that stretches over several chapters. Some of the things that are explained in the book include: secure protocols, virtual private network protocols and encapsulation, the secure shell (SSH) and authentication systems.

As an inevitable part of a book of this kind, there's a part dedicated to passwords (and good rules for their generation), and another on digital certificates. The authors present the shortcomings of certificates as well as their best uses. Although neither of these are explained in great detail, you'll be able to get an overview of the things presented.

Moving on, we get a plethora of information covering: firewalls, DMZs, VPNs, external and internal threats, the security of wireless networks, workstation management issues, intrusion detection systems and log processing, etc.

Operating systems

The book also gives some good information when it comes to operating systems and server software. Some of the covered topics include:

• Windows NT and 2000 - authentication, access tokens, security identifiers, object access control lists, tightening Windows users rights, etc.
• Linux - overview of the Linux Kernel, file system permissions, authentication mechanisms, how PAM works, etc.
• Server security: web, mail, FTP, etc.

Attack and defense

If you want information about attacks, denials of service attacks are covered in great detail, along with many other attack scenarios. Since you also want to protect yourself from all of these attacks there's naturally much material dedicated to firewalls: their functions, implementation issues and vulnerabilities. Now that's not enough, is it? Now you want more. There's a whole chapter dedicated to intrusion detection systems and one dedicated to incident response and forensics. The chapter on incident response and forensics will be of particular interest for all of you who want more knowledge of legal and privacy issues.

Secure Code

To complete the book, there's a chapter dedicated to the developers, which discusses the development of secure Internet applications. Here you'll be able to read about common sources of programming mistakes, exploiting executable code, application-level security, coding standards, and more.

The verdict

This book manages to shade a new light on the problems of security implementation by explaining the position of the system administrator and the position of the IT manager in order to make them both understand their role in the overall process of security in the company. It's a good idea to give it to both your IT manager and your system administrator, they will both learn from it and in the process start to understand each other on a new level. With this book, you basically learn to think on a larger scale.

There are not many downsides. There are basically only two things that I didn't like about this book: the lack of resources, and (in parts) the writing style. There are not enough resources listed, and I always like to get to more information. As regards the writing style it's obvious that this book was not meant to entertain in any way, but it sometimes seems a bit too serious. I always believed that learning should be fun. That's just me :)

Overall, this is an excellent book, two thumbs up!

If you're interested in hearing what one of the authors of the book has to say, you can check out an interview with him here. You can purchase Internet Site Security from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

jtauber writes "Looks like the Adventures of Tintin may be the next series of books to be turned into a film franchise with Spielberg in talks to acquire the rights. See the Marlinspike for more information." Tintin was one of my favorite "book" type comics growing up - and they've released collections.

nellardo writes "War of Honor is out, complete with the aforementioned CD-ROM full of free, unencrypted novels. If you're a true fan of Honor Harrington, you probably don't need this review - you've already bought the book. If you're just waiting for paperback, don't, because the CD-ROM included with the book is worth the price of the book. If you're new to the Honor Harrington series, reading the book itself is not the place to start, but with the entire series (and then some) on the CD, you might want to pick up the book anyway, just for the CD-ROM." War of Honor author David Weber pages 869 + CD-ROM publisher Baen Books rating 9 reviewer Brook Conner ISBN 0743435451 summary Essential for fans of Honor Harrington. Sometimes turgid and complex political sci-fi. CD-ROM worth the cover price by itself.

War of Honor is the tenth full novel in David Weber's Honor Harrington series, and thirteenth book (there being three collections of stories set in the so-called "Honorverse"). For those of you that have read the earlier novels, this is more of the same, though Honor herself figures perhaps somewhat less prominently in it than in previous novels. It's got Weber's usual rich and detailed plot, along with Weber's occassionally turgid and expository writing.

One thing that makes this novel different from the others is that Weber has fully incorporated characters and plot lines from the short stories set in the "Honorverse" but penned by other authors. Earlier novels had made allusions to some of Weber's own short stories, but none had integrated another author's work to the extent that War of Honor does. Of course, this does nothing to simplify the plot or reduce the expository interludes (Weber includes enough explanation so that you can follow the plot without having read the prior short story). It does add to the flavor though, and helps keep Weber from simply retreading old ground.

Discussion of the plot, even aside from spoiler concerns, is well-nigh impossible. There's simply too much that happens. This isn't a book that could be a film - it's a mini-series, even without the prior nine novels. War of Honor is not a light and fluffy read. It's a good two hundred pages longer than the previous novel (Ashes of Victory) and doesn't have some of the breezy, happy passages of its predecessor. In fact, you might want to take a break halfway through - I did, with a complete novel in a much lighter vein (bad pun - it was an Anita Blake, Vampire Hunter novel). Suffice it to say that Weber knows how to write the next installment in a series: this one resolves enough threads to make it satisfying and opens enough new ones that readers will continue to scream for the next novel.

What Slashdotters are most familiar with, though, is the CD-ROM that's been discussed here before. And it's a nice one, to be sure. While the books on the CD themselves are available at Baen's Free Library, the CD contains more.

One of the most wonderful resources is the art gallery: the covers of the most recent editions of the Honor Harrington books as jpg images, all at 800x1200 pixel resolution or greater. Not scans of the covers but images of the original art, without the title graphics or anything else. I predict some very nice wallpapers coming soon to a site near you.

The CD-ROM also has other lovely tidbits, such as audio selections from several novels and MP3s of songs from the group Echo's Children. So even if you haven't caught this filk group at a sci-fi con, you still get their songs and lyrics based on events in the Harrington novels.

And all of this is on top of all the books on the CD-ROM. All ten Harrington novels, and yes, that includes War of Honor itself. All three collections of Harrington stories. And twenty five (not the previously-reported twenty two) other books, from the likes of David Drake, Eric Flint, Dave Freer, Mercedes Lackey, Keith Laumer, Larry Niven, Jerry Pournelle, John Ringo, and James H. Schmitz. No encryption. No copy protection. In several formats each, including HTML, Microsoft Reader, Mobipocket, Rocket, and RTF files.

Put it all together in one no-download place and the CD-ROM is arguably worth the price of the hardcover book all by itself. Certainly, no new release CD-ROM sold by itself is going to sell for much less than US$26 (the cost of the book).

I'm of course reminded of Tim O'Reilly's (and many others) numerous comments to the effect that obscurity is a bigger problem for publishers than piracy. Jim Baen evidently agrees. He's just put the full text of a brand new flagship property (another bad pun, I'm sorry) in the clear. The disk even says you can copy it. Stamped right on the disk: "This disk and its contents may be copied and shared but NOT sold." Even the copyright notice says "All commercial rights reserved." Not "All rights reserved."

Given the popularity of the Honor Harrington series over all, it's just possible that this novel will make the NY Times (free reg, blah blah :-) best sellers list. And if it did, with its entire text freely and legally available on the net, wouldn't that be an interesting place for publishing to be?

You can purchase War of Honor from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

ianb104 writes "I was rushing home to catch the ending part of game 6 of the 1997 Kasparov vs. Deep Blue match, when the news came over the car radio that Kasparov resigned after less than one hour of play, to my great dismay. Behind Deep Blue: Building the Computer that Defeated the World Chess Champion brought back this memory and then some." Read on for the rest of Ian's review. Behind Deep Blue: Building the Computer that Defeated the World Chess Champion author Feng-hsiung Hsu pages 298 publisher Princeton University Press rating 9 reviewer ianb104 ISBN 0691090653 summary A real-life historic triumph of the nerds

My wife gave me this book as a birthday present. I was thrilled that finally someone wrote what really happened behind the scenes at the two historic matches, but Behind Deep Blue turned out to be far more than just about the matches. The early part of the book is equally absorbing and full of surprises.

Who & What

Feng-hsiung Hsu, the author, was the father of the Deep Blue project and a troublemaker. When you see a section title like "Mr. Rogers' Neighborhood" in a book about computer history, you know something is up. What he did in this particular section would have been an awful career move today, like landing him in a jail. As it was, he almost got kicked out of grad school. This precarious position played an important role in how the project got started.

The book has two main parts: the beginning and the history of the project at Carnegie Mellon University, and the successful conclusion at IBM, including the two matches with Kasparov.

Carnegie Mellon

During the matches, the IBM web site de-emphasized the Carnegie Mellon part of the project. The instant chess books also failed to fill the void. It was a shame.

The main ideas behind the project apparently were formed at Carnegie Mellon--several of them at a fateful night in Hsu's apartment. I know little about IC design, but his description of the new ideas discovered at that night, underlying the first single chip chess move generator, made me feel like that I could design the chip myself. His thought process in coming to the discovery is also quite interesting. Hsu seems to be a diehard Trekkie. In his description of the selective search algorithm "singular extensions," he repeatedly used the Starship Enterprise in his analogies.

For fans of AI, the book contains a big surprise. Even though Deep Blue's triumph over Kasparov might be considered as a major victory for AI, several of the early members involved in its creation had a definite anti-AI opinion. An exact quote from the book is "AI is bullshit." Hsu himself had an ambiguous feeling toward AI. The main approach taken by the Deep Blue project was to push the technology envelope, which is certainly non-AI, but he also talked of the need for chess knowledge repeatedly in the book.

The central story at Carnegie Mellon revolves around the rivalry between a ragtag group of graduate students and a powerful professor, Dr. Hans Berliner, who is a former World Correspondence Chess Champion and world renowned authority on computer games. I have a feeling that there are things left unsaid in the book, but the intensity of the rivalry and the male egos all come through clearly. One of the thorny points to the students, strangely enough, was that they were not Dr. Berliner's students but the press kept on saying they were.

After the students came out with Deep Thought, the first Grandmaster strength computer, the incorrect press perception produced a very funny story. The story of "The Poor Lieutenant Colonel at Darpa" tells how an overzealous reporter wrote a cover article for the British magazine Spectator, purporting to have discovered that the U.S. Department of Defense had enlisted the service of chess computers. In the process of this discovery, the reporter phoned Dr. Berliner, whom the reporter thought was heading the Deep Thought project, for the inside scoop, and afterwards cold called a Lieutenant Colonel at Darpa in charge of expert systems research, which had nothing to do with the Deep Thought work...

IBM

I did not realize that the Deep Blue team played Kasparov publicly three times. The first time was with the machine Deep Thought, during the transitional period when the team moved to IBM. Kasparov won that match 2-0. The publicity from this match and the subsequent confusion between "Deep Thought" and "Deep Throat" were partially responsible for the new Deep Blue name. The original Deep Thought name came from the sci-fi trilogy Hitchhikers' Guide to the Galaxy.

The story of the completion of the first Deep Blue repeats a theme that recurs throughout the book--the machines always barely work in time. "Four Hours to Spare" describes a period when the first Deep Blue chip had to be used in a new program and had to win or tie an exhibition match, in order for the project to survive. The team barely got the new program "working" with four hours to spare. They managed a tie.

The late-to-arrive situation in the 1996 Deep Blue match itself was not much better--the very first ever game played by Deep Blue was none other than its first game with Kasparov. Deep Blue itself was being put together only weeks before. Deep Blue won this game. What Kasparov said right after the historic game is priceless. There should have been a microphone at the playing table. The behind-the-scenes coverage of this match is more detailed than available anywhere else, but not quite as extensive as that of the final match in the book.

Deep Blue's loss in 1996 spurred a series of activities by the team. I don't recall seeing them mentioned explicitly during the 1997 match. A new Deep Blue chip was designed, along with new software tools for match preparations. The story of "The Phantom Queens" is quite amusing. The team discovered a design bug in the new chip that caused phantom queens to be generated on the chip's internal chessboard. One way to fix the bug was to slow down the chip by disabling a design feature. As a result of this slowdown, we have the only match outcome of what might have happen if Deep Blue had been running at the same speed as commercial chess programs when competing against them. I will let you find out for yourself what the outcome was. A workaround was later implemented, and Deep Blue did not suffer the same slowdown in the match against Kasparov.

The big chapter on the 1997 match alone is worth the price of the book for me. It was a great deal of fun to read. The wild accusations, the missed opportunities, the psychological war game off the board, the battle through the media, and plain simple misunderstanding all make for wonderful reading. The arbiter, Carol Jarecki, summed it up quite well, "This match has it all." I don't want to spoil all the fun for you, but I will mention two interesting tidbits from game 1 and game 6. Deep Blue played the last move of game 1 as a result of bug, although the game was already lost. Kasparov's team was surprised by the move and spent all night to find out why Deep Blue played the move and concluded that Deep Blue played its move because it saw a very deep mate if it had played what should be played... Game 6 was widely reported as Kasparov forgetting his own opening preparations. It could very well have been a deliberate gamble instead. All the other programs at the time, including the 1996 version of Deep Blue, very possibly would have lost the white side of the game.

Other Stuff

The epilogue of the book contains a short description of what happened after 1997, including an aborted attempt to answer Kasparov's repeated challenge for a new match. The first appendix gives autobiographic materials. The other two give selected game scores and pointers for further reading.

General Comments

This is not a chess book, and you don't need to be a chess player to enjoy it. The few paragraphs on technology should be readable for high school students or younger kids with scientific interests. Or you can just skip them.

The book is not really one contiguous story, but a collection of short stories and anecdotes. I read the whole book in one setting, but you could easily read the book in smaller chunks at a time.

Quibbles

Okay, you probably don't need an index for this book, but it would have been nice to have one. Interestingly enough, at www.bn.com, the review mentioned "a strange, inaccurate index", which must have there in the prepublication copy.

Conclusions

I highly recommend the book for general reading. You are not going to learn how to build something like Deep Blue from this book, but you get a good sense of what kind of human struggles it takes. Computer scientists and electrical engineers should get a good kick out of the book, but a layperson can enjoy the book just as well. If you have young kids with interests in engineering or science, this might be a good gift for them.

You can purchase Behind Deep Blue from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Liam writes "Tomcat is a subproject of the Apache Software Foundation's Jakarta project, its purpose being to serve Java Servlets and JavaServer Pages. It's a complex piece of software and though the documentation is very comprehensive, it helps to have a good reference work to hand. There aren't many books on the subject to choose from, so a publisher could make a fast buck putting out an incomplete work lacking in depth. Fortunately Wrox Press has done a great job with its new publication Professional Apache Tomcat." Read on for the rest of Liam's review. Professional Apache Tomcat author Chanoch Wiggers et al pages 600 publisher Wrox Press Ltd rating 9 reviewer Liam ISBN 1861007736 summary Comprehensive guide to Apache's Tomcat server

The book covers every aspect of installing and configuring Tomcat in a great deal of depth, detailing its every aspect. From standalone use (where Tomcat is used as a general web server as well as for serving Java content), to integration with the leading web servers Apache (both Unix and Windows versions) and Microsoft's Internet Information Services, nothing appears to have been left out (however, integration with Netscape's Enterprise Server is mentioned in passing early on, but doesn't appear again).

Being only a month old, it's pretty much bang up to date, covering Tomcat 3.x, 4.0.x and 4.1.x with Apache 1.3.x and 2.0.x and IIS 4 and 5.

The book starts with an introduction to the Apache project, and Tomcat's place in the wider scheme of things. The historical progression in serving dynamic web content from CGI to Servlets and JSP is charted, and there's an overview of JSP tags and general web application architecture. This is interesting enough and useful as background, but as this book is intended for administrators, it's covered quickly in the first two chapters, and the main business of installing Tomcat gets underway in chapter 3.

Installation is discussed with both Windows and Linux users in mind, from both binary and source distributions. As the Tomcat source is usually built with Ant, build and installation of this tool is also discussed (Ant and Log4j, both also part of Jakarta, get chapters of their own later in the book). From there, basic configuration of the standalone server followed by detailed examinations of the components that make up Tomcat's architecture fills the next 200 or so pages.

Serious users of Tomcat will wish to employ Tomcat with an existing web server, and four chapters concentrate on this job. There is more emphasis on Apache than IIS, though given Apache's dominance of the web server field, this is understandable. There is inevitably a certain amount of detail aimed at Apache and IIS configuration, and a basic knowledge of both is assumed throughout. However, any necessary information is included in detail; for example the (Apache) connector modules mod_webapp and mod_jk/jk2 are given a thorough treatment, describing their use from source installation to configuration, together with the pros and cons of the various connectors available. Beyond that, we learn how to design larger-scale setups, with an explanation of load balancing techniques and scaling of the system, and performance testing with JMeter, yet another Jakarta project component.

As ever, security is a major concern and gets a lot of emphasis. Before client authentication and the use of SSL are discussed, there's an overview of basic system security with Unix and Windows. This should be teaching granny to suck eggs for a book aimed at administrators, but it's only a few pages and completes the subject. More interesting are the sections on security realms and user/client authentication. We are presented with examples of authenticating against a MySQL database with JDBC (database connectivity with JDBC is a big enough subject in its own right, and so gets a separate chapter too), and digest authentication. We then move on to encryption with SSL: using Tomcat itself with the JSSE and PureTLS Java SSL implementations, then later with Apache and SSL (setting up mod_ssl with Apache gets a very useful appendix of its own, taken from Professional Apache 2.0, another Wrox book). Again, there's lots of detail, right down to how to get hold of signed certificates for your server. Here the book's general emphasis on Apache over IIS is most apparent, as SSL with IIS is not discussed at all. However, I have no experience with IIS, so I can't say for sure how serious this omission might be.

There's a very brief appendix on setting up Apache's Axis SOAP toolkit, but without any mention of SOAP appearing elsewhere in the book. As other concepts are introduced so well, it's a curious addition.

With nine co-authors (though only four got onto the cover photograph - I wonder if they drew straws?), one might expect wildly different styles throughout the book, but each chapter is consistently and clearly laid out with diagrams and relevant configuration file fragments where necessary. There's little levity and it's all written in a very business-like manner, but then this is hardly a subject you'd choose for holiday reading.

Professional Apache Tomcat is surely the definitive book on the subject. I recently used it to integrate Tomcat 4 with an existing Apache 2 installation, and everything went very smoothly. More than just a set of tutorials, it offers a thorough description of the whole architecture, and makes an excellent companion to either of Wrox's Professional Apache books.

There's no CD with the book, but Wrox's website provides some support code, and there are lively forums for readers at p2p.wrox.com.

You can purchase Professional Apache Tomcat from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Stella Daily writes "When the cool kids make fun of the geeks, the results are often lacking in wit ('Hey, Four-Eyes!') or simply inaccurate. We've all heard the joke about the computer programmer who, when given the choice of transforming a frog into a beautiful princess with a kiss, declines, saying he has no need for a beautiful woman, 'but a talking frog is REALLY cool!'" Read on for the rest of Stella's brief review of Science Askew to find out whether insiders can do a better job. Science Askew: A Light-Hearted Look at the Scientific World author Donald E. Simanek and John C. Holden pages 310 publisher Institute of Physics Publishing rating 7 reviewer Stella Daily ISBN 0750307145 summary Geeks poking fun at themselves, with mixed success.

Whoever came up with that joke definitely doesn't know geeks, or he'd know that they most certainly do appreciate the opposite sex and that that programmer would have been all over the frog in a second. But when geeks make fun of themselves? Now that's something to see -- and Science Askew is a collection of just such humor. The jokes run the gamut from one-liner to extended essay, and almost every major branch of science is represented.

The great strength of Science Askew is that, unlike so many collections of humor about a particular group of people, these aren't just blonde jokes with "chemist" or "computer programmer" or "mathematician" substituted for the word "blonde." It's subject-specific humor -- and at its best, it's good for some serious belly laughs. (An example: "Never lend a geologist money. They consider a million years ago to be recent.") Most of the time, a specialized knowledge of a particular branch of science isn't necessary to get the jokes -- merely being a generalist geek is more than enough.

You'll find many old chestnuts gathered here, such as the "Ban Dihydrogen Monoxide!" essay, mixed in with original material by Donald Simanek and lesser-known pieces plucked from magazines. John Holden's illustrations, which range from the brilliantly funny to the incomprehensible, are sprinkled throughout.

Why does Science Askew rate only a 7? While it's nice to have so many science jokes gathered in one place, you're likely to have heard a good number of them before -- and even if you haven't, you can find them (and many more) for free here. While there is a significant amount of original and hard-to-find material, it tends to be of lesser quality than the stuff you can find on the Web. Thus, it's hard to justify the $30 price tag. Plus, as a chemist, I can't help but be miffed that there's no section for chemistry (though there are a few chemistry jokes scattered in other parts of the book). There's an entire 23-page chapter devoted to the life and times of a single fictitious scientist, so why not a chapter for the chemists?

When geeks lampoon each other, the results can be dangerously funny. Unfortunately, as Science Askew shows, the jokes can also fall flat -- but there's enough good material inside to make it worth a look.

You can purchase Science Askew from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

smarks writes "Java Development with Ant effectively shows the reader how Ant can be used as the foundation for the most complex Java software configuration solutions. The book is divided into beginner, intermediate and advanced sections, which makes it appropriate for a variety of audiences. The book has a comprehensive survey of tools that can be used with Ant such as JUnit, CheckStyle, Middlegen and XDoclet Even the experienced Ant user will find these sections helpful. Overall, Java Development with Ant is an excellent resource." Read on for the rest of Spencer's review. Java Development with Ant author Eric Hatcher, Steve Loughran pages 634 publisher Manning rating 8.5 reviewer Spencer Marks ISBN 1930110588 summary How to use Ant to meet all (or most of) your poject's software configuration needs

Pros:

• Excellent coverage of optional Ant tasks
• Good division of beginner, intermediate and advanced content
• Thorough discussion of how to use Ant to solve a variety of software configuration management situations
• Shows how to use Ant for tasks outside of typical configuration management roles such as the automated code generation of EJB and Application Server deployment descriptors
• Shows how Ant helps with a variety of software development methodologies including XP's suggested best practices of continual integration and JUnit testing
• Catalogs IDEs that integrate well with Ant including my personal favorite, Intellij's IDEA development environment

Cons:

• Some of the examples could have benefited from more detail. For example, the section on the PropertyFile task could have shown how to solve the problem of platform specific path separators in Java property files.
• At the time of this review, the book's accompanying website was a bit meager. For example, a comprehensive list of Ant on-line resources would have been helpful.

What the book offers

I consider myself an intermediate Ant user and when books on Ant first appeared I thought they would add little to the excellent free documentation and examples readily available. With its clean, straight forward syntax and structure, Ant has a low of cost of entry, and being rooted in Java and XML it is extremely flexible and extensible. I found Ant refreshingly easy to use as part of a configuration management system that included continual integration and a unit testing strategy. It was much better suited for Java development than the tool I previously used which was make. So when I agreed to do this review, I was skeptical that I would find the book useful. However, the book proved to be rich in valuable information that is well organized and clearly presented. Java Development with Ant, written by Erik Hatcher and Steve Loughran who are both committers to the Apache Ant project, is a great resource for anyone wishing to learn how to integrate Ant into his personal set of best practices for software configuration management solutions.

Coming to the book as a long time Ant user, I was glad to see that it offered material appropriate for others than just those approaching Ant for the first time. The book is divided into three sections each of which could probably find a niche as useful (and thinner) separate book: Learning Ant, Apply Ant, and Extending Ant. Only the first section of the book is devoted to first-time users, or those Learning Ant. The reminder of the book is about Ant in action. It covers an interesting variety of third-party Ant tasks, various ways of applying Ant to software development projects, and an in-depth section on how to extend Ant writing your own Java classes.

After a short but helpful introduction to the general topic of software configuration management, the first section, Learning Ant, launches into a thorough explanation of Ant's fundamental concepts and operation. JUnit test integration is treated as part of of the basic operation of Ant, which I was happy to see because unit testing should be a fundamental part of any software configuration management process.

Despite having used Ant on a number of projects since the summer 2000, at no point have I had to become truly expert with it in order to solve the wide range of software configuration problems I encountered. This is because Ant is easy to use. Typically, I figure out what I want the software configuration management to do, and then look for Ant examples that I can easily tweak to get the job done. I think it is a great credit to the Ant and its designers that I can do this successfully. Even though I've had this success with Ant, the introductory material filled in some of the gaps I had in my understanding of Ant's operation. For example, I was introduced to the PropertyFile taskdef which up until then had escaped my notice but which solved a problem for which I previously had a less elegant solution.

The most interesting part of the book was the second section that talked about a variety of Ant add on programs (called taskdefs) like Middlegen (an EJB descriptor tool) and XDoclet. XDoclet had been on the periphery of my radar for a while now, so I welcomed the book's thorough discussion of it in both a general and Ant specific sense. In addition there are helpful chapters devoted to using Ant as an aide to production deployment, web site generation including the compilation of JSP pages and the automatic generation of EJB descriptors. There are also chapters on working with Web Services using SOAP and a section on how Ant can be used as part of a continuous integration process complete with email notification. There is even a section on using Ant for Java projects that have a native code component. (Ant can be used to compile native code and the book shows how it can be helpful in dealing with the complexities surrounding JNI.) The book works well as a reference text. There's no need to read it from cover to cover in order for it to be extremely helpful.

The third part of the book also looks interesting, but it is intended for a more hardcore audience than myself. I've been fortunate to find ready made solutions for all the configuration management services I wanted to provide my clients. So, learning how to extend Ant has never been an issue. Every time I think I might have to develop my own answer, I find that someone else has already beaten me to it. Such is the nature of successful Open Source projects. However, I am glad this section exists, because I am sure at some point I will use it myself or refer a student or client to it.

The book even has some material on using Ant outside of the context of Java. Not having much experience with these technologies, I didn't pay close attention to these sections. (I am sure I'll be amused when I encounter my first .NET project that is using Ant for its configuration management solution).

In closing, if you are more than casually interested in software configuration management for Java projects then I recommend this book with enthusiasm. Beginners will be up and running with Ant in short order, while the book contains many interesting and useful nuggets for more experienced Ant users.

Ant on the web

• The Ant Project -- be sure to see their resources section.
• Ant FAQ at jguru.com (moderated by the book's co-author: Erik Hatcher)
• Ant forum at jguru (moderated by the book's co-author: Erik Hatcher)
• JUnit: A regression testing framework written by Erich Gamma and Kent Beck. It is used to implement unit tests in Java.
• CheckStyle: A development tool to help programmers write Java code that adheres to a coding standard.
• Middlegen:A general-purpose database-driven code generation engine.
• XDoclet: An extended Javadoc Doclet engine. It's a generic Java tool that lets you create custom Javadoc @tags and based on those @tags generate source code or other files (such as xml-ish deployment descriptors) using a template engine it provides.
• Intellij's IDEA "Develop with Pleasure" with this award winning Java IDE featuring full Ant integration that Marin Flower says: has succeeded in really moving forward the state of the art...
• The NetBeans and Eclipse Open Source IDEs also integrate nicely with Ant.

You can purchase Java Development with Ant from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

David Kennedy writes with the following review of Pete McBreen's new Addison-Wesley title, Questioning Extreme Programming. It's one of the few books which casts a questioning look at the buzzwords and concepts of Extreme Programming; read on to see how well XP fares under McBreen's examination. Questioning Extreme Programming author Pete McBreen pages 186 publisher Addison-Wesley rating 9 reviewer David Kennedy ISBN 0201844575 summary A critical but fair re-examination of all of XP.

In short:

This is bound to a controversial and widely read title -- it is a critical but fair re-examination of all of XP's assumptions and core practices. It provides a much needed comparison of XP with other, less popular, methodologies. Overall, XP emerges favourably, with one serious caveat -- the author concludes that XP is only suitable for a very narrow range of projects, and those that can fulfill all requirements probably stand a significant chance of succeeding using any of the similar methodologies. As with programming languages, there is no silver bullet -- put XP in your methodology toolbox, know when it is appropriate and only use it then.

A couple of interesting specifics:

• The author specifically argues, and I agree, that what the XP literature badly needs is a DSDM 'suitability filter' to advise project leaders as to whether XP is for them.
• In the preface, Kent Beck describes the On-Site Customer role as a team, and not an individual role.

Overall, this is an intriguing and well-argued book. It's based on solid, reasoned arguments, with conservative conclusions drawn based on the evidence. It's a must-read for those interested in XP and other Agile methodologies. The Extreme Programming Series

This is the 8th title in The Extreme Programming (XP) Series from Addison-Wesley, surely the most widely read series on a software methodology ever! (If that isn't achievement enough, XP also made testing sexy again. I hear that accountancy firms are looking for Kent Beck to do Public Relations work ...) For those of you who have been living under a rock for the past couple of years the previous titles are:

• Extreme Programming Explained (Beck)
• Planning Extreme Programming (Beck & Fowler)
• Extreme Programming Installed (Jeffries et al)
• Extreme Programming Examined (Succi & Marchesi)
• Extreme Programming in Practice (Newkirk & Martin)
• Extreme Programming Explored (Wake)
• Extreme Programming Applied (Auer & Miller)

This new addition to the XP library feature a foreword by Kent Beck. This is important as many of the reactionary XP fan-club will not like this book -- it challenges XP, and I am delighted to see this title as part of the series. Beck admits he doesn't agree with McBreen's conclusions, but asks you to read the book and decide for yourself, conceding that the arguments are fair and reasoned. I come from a scientific background and distrust anything except wide open debate, a position many who welcome XP will surely agree with. A book challenging XP can only help persuade people to give it a go, by addressing their fears and explaining how to manage any real risk.

Check your sources

Pete McBreen is the author of the excellent Software Craftmanship: The new imperative, a 2002 title from Addison-Wesley. In it he outlines an alternative to the software factory model behind much of traditional software engineering thinking. He proposes a collaborative model with small teams, where the software coder is seen as a craftsman in constant dialogue with the customer. Sound familiar? It should, this is a cross between a methodology and book of advice for career programmers, and fits squarely within the values proposed by the Agile Alliance, and arguably popularised most by XP.

I highly recommend Software Craftmanship, and can think of few authors who are as well positioned to give an analysis of XP as it currently stands.

What is the book about?

Questioning Extreme Programming does just that -- it's the first title in the series to take a skeptical look at the rise of this popular methodology and question some of the key assumptions. Arguably there was material like this buried in Extreme Programming Examined, but it suffered from a fragmented, detailed view, due to it being a bound set of conference papers.

The author tackles XP in a fair way -- he's extremely excited by the methodology, and it's clearly in accord with his own preferred approach. What he does is tackle each of the XP tenets in turn, questioning their validity, and then moves on the compare XP to other Agile methodologies and asks how XP stacks up against the competition. He also has a look at the common mis-conceptions (from both sides) about XP, and tackles the key arguments against its adoption in the same way.

Let's have a look at the contents to give you an idea of the structure:

• Introduction.
  XP: Hype or HyperProductive?
• What is a methodology?
  
  • What do methodologies optimise?
  • What are XP projects scared of?
  • What do other methodologies consider important?
  • What is important for your projects?
• Questioning the Core XP Practices
  
  • Planning incremental development
  • Truly incremental development
  • Are we done yet?
  • Working at this intensity is hard
  • Is that all there is to XP?
• Questioning XP concepts
  
  • The source code is the design
  • Test first development
  • Large-scale XP
  • Is the cost of change really low?
  • Setting the dials on ten
  • Requirements: Documentation or a conversation?
  • Is oral documentation enough?
  • Playing to win?
• Understanding the XP community
  
  • ReallyStrangeSayings
  • Feel the hostility; experience the joy
  • Transitioning away from XP
• Your choice
  
  • Is XP for you?
  • Do you have a suitable first project?

What's good?

The whole thing. Let's start with the basics, the high standards of the XP series are maintained, with flawless editing and layout. Moving on, the author's position is admirably neutral -- he is knowledgeable about the field, and although he wants to be converted, he argues only from first principles, and only from the evidence. Similarly, at no point did I think he set up a straw man, or tackled the opposing issues in a different manner. I particularly admired the way he avoided polarising issues -- "All models are lies." -- dismissing them as unhelpful in his current investigation. (He points out that much of the fire in the XP debate has resulted from the use of deliberately polarised opinions as a unambiguous goad to further debate within the XP community. Fine within the gang, inflammatory outside.)

The structuring of the book is of particular interest -- the argument could easily sprawl, but is restrained into very short sub-sections, with each section sporting a clear list of summary bullets. As much as is practical, each challenge to a tenet or practice of XP is discussed independently. (This comes across as simple and straight-forward and you may wonder why I even mention it, but I think it's a fine piece of editing and worthy of praise.)

The sections of the book that I enjoyed most were those dealing with the SmallTalk culture that XP grew out of -- he presents an interesting analysis of why XP works within that environment but discusses how that environment is NOT typical of most development. I have some bias here due to my own experience, see below, but had to agree strongly with his contention that XP is weakest when it comes to team resourcing, and the on-site customer. In particular, he argues that while XP restores dignity and human rights to the programming team, it does so at the expense of the poor frazzled customer. Similarly, he argues that the pre-conditions for XP, in terms of the programming staff, are so high that almost any methodology could be made to succeed with that team.

Don't get the impression that this is a negative work -- it's not. Most of XP emerges intact, and I felt that the author genuinely wanted only to restrain people from adopting XP in inappropriate situations -- not to persuade people to avoid XP. In doing so, he actually protects XP from bad press due to teams failing when trying to adopt XP, them blaming XP itself, rather than their own inappropriate circumstances.

What's bad?

Er, not much. He sort of pulls in some material re Open Source early on, but fails to particularly build on that comparison, moving instead to a comparison of Agile methods in closed source circumstances. This is a feeble objection -- but really, it's all I've got this time!

Anything to declare?

I should probably give a quick sketch of my background before I finish as I am slightly biased -- most of my work has been in the telecommunications sector, where I either worked with a large code-base (legacy) or a large, distributed team (new development). In no way was I working in the XP style, although I became test-infected easily I found it difficult to even imagine how to apply some of the XP practices to my workplace.

XP changed the way I code and work, for the better, but in a large environment, with no contracting customer, and few experts on a complex domain involving simultaneous hardware development I couldn't see any way to do XP. I'm not saying what we did was good, I'll be the first to admit it was broken (hmm, and I'm unemployed now, time to go and think about cause and effect!). The key assumptions of pure XP just didn't fit the industry I've seen most of. (To be fair, McBreen would have called these projects "systems engineering" and placed them outside of the discussion.) Now that I'm seeking employment again, I'm a lot more aware of methodologies and am much keener to work within an Agile framework, as I believe that all of the methodologies, XP included, offer a much better way of developing software. However, the key point remains -- XP cannot be applied everywhere.

Lastly, I should make it clear that I received a review copy of this title from the publisher and did not pay for it. I paid for my own copy of Software Craftsmanship.

You can purchase Questioning Extreme Programming from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Spencerian writes "UNIX guru and writer Dave Taylor's Teach Yourself Unix System Administration in 24 Hours is a strong "rosetta stone" reference and tutorial for beginning and intermediate Mac OS X, Linux and UNIX system administrators. The book covers fundamental and specialized UNIX sysadmin tasks for three UNIX flavors: Red Hat Linux 7.2, Solaris 8, and Mac OS X, version 10.1.2. Although Mac OS X and Red Hat have advanced in versions since this book was published, it doesn't appear to affect the book's usefulness since many of the tasks involve the venerable UNIX command line." The rest of Kevin's review is below -- read on to see if this book might help you. Teach Yourself Unix System Administration in 24 Hours author Dave Taylor pages 508 publisher Sams Publishing rating 8 reviewer Kevin Spencer ISBN 0672323982 summary Teach Yourself Unix System Administration in 24 Hours makes an excellent rosetta stone for beginning or intermediate UNIX sysadmins.

The Big Picture As you might get from the title, Sams Publishing's "24 Hours" book series attempts to teach specific tasks or steps within 1 chapter per hour. UNIX can get pretty complex, so it would seem that this format would limit the effectiveness of this book. Not so.

Topics from the book include:

• Unix Installation
• Documentation
• File Ownership
• Disk Usage
• Account Management
• Package Management (including the Fink system for Darwin)
• Process and System Controls
• Network configuration
• Web Server Management and shell scripting

Almost every chapter views how a particular task is handled with Linux as its normal focus, where many commands are shared between Solaris and Mac OS X. When functionality differs, Taylor downshifts to show how matters are handled in each respective operating system. As someone very experienced with Mac OS X, I found Dave Taylor's discussions on Mac OS X idiosyncrasies in contrast to Red Hat and Solaris very useful, particularly where Darwin overrides the traditional dotfile preference configuration, substituting the convoluted NetInfo services.

What to Expect Dave provides a Q & A section after each chapter. In an early chapter, Dave answers a typical geek question, "What Unix distributions do you run on your own systems?" Dave provides a very geeky answer--his Apple PowerBook G4 is running Mac OS X (with Darwin as its core, of course), along with a PC running Windows 2000, Linux Mandrake 8.1, and a web server running Red Hat Linux 7.2--a varied assortment that shows Dave puts the author in authority. In a later chapter, Dave touches on emulators such as WINE and Virtual PC as options for additional operating system support.

What makes the book work is that Dave provides a very conversational tone throughout the book, almost as if you're sitting with him in front of a system, talking while you do your thing. Humorous moments are scattered in appropriate moments to make things less dry (this is UNIX, after all).

Questions that weren't answered for me as a beginning UNIX sysadmin in another book by Dave Taylor, Learning UNIX for Mac OS X , were available in droves in this book. Topics such as scripting with perl or from the shell, disk quotas, crontabs, rlogin, managing system logs, and the like--all answered. Ever wondered how Mac OS X handles system init states? You'll discover that its a tad different from other UNIX systems, but not too much.

The Bad and the Upshot I ran into several layout problems in the book that were somewhat annoying, such as where tables or notes were sliced between pages, making them difficult to read. It wasn't a showstopper at all, but I hope that a later reprint will pass muster.

If you're still getting your feet wet with a few basics, or have a really mixed environment of UNIX flavors, this book may be very useful to you. I'd recommend this book to any Mac OS X technician who wants to take advantage of its UNIX underpinnings. Beginning Linux users should also find this a strong general reference. The book's cost ($25) is very reasonable, even a bargain for a book of this depth. Overall, Teach Yourself Unix System Administration in 24 Hours makes for a very well rounded reference, as well as a tutorial book. Perhaps the title should be shorter--it's quite a tongue twister.

You can purchase Teach Yourself UNIX System Administration in 24 Hours from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

danny writes "Leading Spanish paleontologist Juan Luis Arsuaga has written a popular book on the Neanderthals, translated as The Neanderthal's Necklace: In Search of the First Thinkers. Read on for my review." The Neanderthal's Necklace author Juan Luis Arsuaga pages 334 publisher Four Walls and Eight Windows rating 9 reviewer Danny Yee ISBN 1568581874 summary a nice introduction to the Neanderthals

The Neanderthal's Necklace is an engrossing and informative introduction to the Neanderthals, setting them in the context of human evolution and prehistory more generally, and of broader ecological and environmental history. In it Luis Arsuaga touches on anatomy, demographics, systematics, evolutionary psychology, philosophy of mind, and more, but he does so sensibly, not trying to cram in too much and not getting distracted from his basic subject. He does focus on Spain and to a lesser extent on his own digs - he is one of Europe's leading paleoanthropologists - but while his passion for his subject is clear, The Neanderthal's Necklace never becomes autobiographical.

The first two chapters are an account of early human prehistory: the other apes, the various species of Australopithecus and Homo, early toolmaking, and so forth. This includes a brief introduction to systematics. Chapter three continues this with an account of the evolution of the Neanderthals in Europe and our ancestors in Africa, and an overview of their comparative anatomy and morphology.

Two chapters describe the environment in which this happened, presenting a history of the flora, fauna, geology and climate of Spain (and in less detail of Europe) over the last few hundred thousand years. Here Luis Arsuaga brings to life the mountains and forests of Spain, and the cave bears, mammoths, reindeer, and other animals that inhabited them. With bears and hibernation as the link, he goes on to consider the problem of finding enough to eat in this environment, especially in glacial periods. He looks at foraging and hunting (or scavenging) as sources of food, at the development of hunting technology, and at the extinction of many species. A chapter on demographics and life histories then explains how the archaeological record is used to estimate population densities, life expectancies, and so forth for both Neanderthals and Cro-Magnons.

Luis Arsuaga includes just a little bit of abstract philosophy of mind in an overview of debates over consciousness, sentience, language, and their evolutionary origins; he argues that Neanderthals had language and self-awareness, but lacked our more advanced symbolic abilities and vocal anatomy; evidence for "funerals" or other ritual behaviours is not conclusive. And he reconstructs the contact between Neanderthal and Cro-Magnon, with the latter's superior tools and social organisation giving them an edge in the last glaciation, and the last Neanderthals living in southern Spain. A brief final chapter recapitulates the story and glances at what came next, at agriculture and domestication.

Only a few rough sketches, graphs and maps are included in The Neanderthal's Necklace: a decent map of Spain is probably the major omission for non-Spanish readers. The publisher of this translation has, rather annoyingly, converted all the units from metric to Imperial, though the subject is surely scientific enough to warrant having left them. And a digression explaining the "grandmother" theory of menopause seems awkwardly "tacked on". Otherwise, there is not much to fault - this is a superb piece of popular science, one that does justice to its fascinating subject.

If you enjoyed this review, you might like to check out Danny's other paleoanthropology and popular science reviews. You can purchase The Neanderthal's Necklace from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

czarneki writes "This is the first book from Phobos Books, a new science fiction publisher based in New York. It's a collection of winning short stories from their 2001 fiction contest, and Orson Scott Card was one of the judges as well as the editor for the book. I knew nothing about this book before finding it in the sci-fi anthology section of the bookstore, and I only picked it up because OSC's name was on the cover. (For an unknown company and an unknown set of authors, this book has an impressive set of people associated with it: Doug Chiang, the design director for the new Star Wars movies, did the cover, and Lawrence Krauss of The Physics of Star Trek wrote a foreword.)" With that pedigree, I'm sure you'll want to read the rest of czarneki's review, below. Empire of Dreams and Miracles author Orson Scott Card and Keith Olexa pages 262 paperback publisher Phobos Books rating 9 out of 10 reviewer czarneki ISBN 097200260X summary A good science fiction anthology of new authors who write well

I'm a regular reader of the sci-fi magazines, and I have to say, the stories in this collection are so much better than 95% of what gets published in those magazines. Maybe it's because the big-circulation magazines are so desperate for readership that they prefer to publish only stories from well-known authors, and many of them seem to use the short-story format only as a place to dump ideas that just don't quite make it into novels. The unknown authors in this anthology, on the other hand, seem to come up with fresh ideas and take pains to craft good short stories around them. This is probably what OSC is referring to when he writes in the foreword to the collection that in order "to find deep novelty, readers of science fiction must find new writers as well as new tales from old friends."

Okay, enough of that. What are the stories like? There's a lot here that Slashdot readers would find provocative and interesting. My favorite in the collection is "Twenty-Two Buttons" (my first reaction when I saw this title was: On a mouse or keyboard? Alas, that's not the sort of buttons we are talking about). The story takes place in a future where pollution, crime, and lawlessness have turned the Outside into a myth, and people spend all of their time inside their houses. They manage to go to work and school, find friends and lovers, and have contact with people outside the family only through the Net (ok, ok, so some of us already are living that way, but still), which is heavily censored and monitored by the government -- in fact, the story implies that the dangerousness of the Outside is exaggerated in order to justify the government's control over the Net (draw your own paranoid analogies with the present). This has some fascinating consequences. For example, children make play dates over the Net and rely on VR projections to learn to socialize. Families meet each other through a kind of Net dating service for whole families, and though two families may be from opposite ends of the continent, they manage to sit down "together" to have dinner, the VR screen going down the middle of the table. (I actually kind of wish that were true. Why should I be stuck with the people who happen to have moved in next to me?) Since physically moving yourself and your possessions from one place to another is so expensive, once you are married you are pretty much truly stuck. The main character in the story had an affair over the Net because he connected with the woman he could only touch through the mediation of technology so much better than his wife, but when the affair was discovered he was too afraid of the Outside to join the other woman. In the end the other woman did in fact leave the protected life on the Net and go Outside, and she tantalizingly sent him the buttons from her blouse, inviting him to "come out and play." (The actual story is so much better than my crappy summary, sorry.) This is the story in the collection with the most un-sci-fi-ish prose style, but it actually works really well.

"Carthaginian Rose" is based on an idea from Ray Kurzweil's Age of Spiritual Machines. Basically, the idea is that we'll soon (as in within 30 years) be able to scan people's brains into computers powerful enough to simulate neural activities -- and instant immortality! The scanning technology initially will be kind of crude, and so we might need to do it destructively on some people to try it out (Kurzweil speculated that a person facing imminent death may volunteer to be the first test subject). The story takes this idea and speculates on what kind of person that first volunteer would be and how someone might be driven to happily, willingly, and even work hard at being destructively scanned.

The title story, "Empire of Dreams and Miracles," is probably the craziest story of the bunch. It involves a future so far off that people literally kill for sport (the victims are then brought back to life). The entertainment industry is centered around competition among the killer-artists to bring the most pleasure and novelty to each kill, and the psychology of a culture with no real death but a lot of colorful imitations of it is described with a great deal of detail and imagination. The images are eye-popping and they come at you one after another, giving you almost no time to absorb each one (so you end up feeling a little like the sensation-saturated inhabitants of this future). The fascination with violence, death, and the sexual energies in both can be seen as a satire of our own world or just really good mood setting.

"Who Lived in a Shoe" is about alien house hunting. For any slashdot readers who have looked for a dwelling the story will resonate. It's a funny, light piece that is less sci-fi than fantasy. Some of the houses that the main characters visit on their search may well appeal to the crowd here. This story shows the wide range and styles in this collection.

There are eight other stories in the collection, ranging from Twilight Zone-like horror to cosmology-as-religion. There are space stations and artificial intelligences, social commentary as well as pure fantasy. All of the stories are well-written short stories, not aborted attempts at novels or sketches that go nowhere. OSC wrote an introduction to each story and it's interesting to get his take on each.

To be sure, sometimes the writing in these stories is not as polished as one could wish, but you see that kind of roughness even in the mass-circulation magazines. After all, we are talking about sci-fi here, not the Atlantic Monthly. All in all, given the diverse range of ideas, characters, and styles in this collection and the fact that these are all fresh, new talents in the field, this is my second favorite short fiction anthology for the year (it was my first favorite anthology until Ted Chiang's Stories of Your Life -- you just can't argue with all those Nebulas).

You can purchase Empire of Dreams and Miracles from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Slashdot's own Robo takes a look at SQL Fundamentals, writing "This beginner book takes a traditional look at the ever-popular Structured Query Language. Never bothered to learn SQL? Here's your chance. SQL Fundamentals, by John Patrick, takes a 834-page beginners look at the application of SQL to Access and Oracle. Read more for SQL Fundamentals' strengths, weaknesses and everything in-between." SQL Fundamentals author John Patrick pages 800 publisher Pearson Education rating 7 reviewer Rob ("robo") Oostendorp ISBN 0130669474 summary Truly a beginner friendly book for anyone needing a crash course in the basics of SQL; of limited but real use to those who already are familiar with SQL.

This beginner book takes a traditional look at the ever-popular Structured Query Language. Never bothered to learn SQL? Here's your chance. SQL Fundamentals, by John Patrick, takes the first layer of SQL in Access and Oracle [robo, I find this a confusing phrase, not sure how best to recast, but somehow] and sums it up in this 834-page manual. Read more for SQL Fundamental's strengths, weaknesses and everything in-between.

The Basics SQL Fundamentals discusses the practical realities of extracting information from a database. Patrick shows the reader how to use SQL in both Oracle and Access. The book starts with a brief overview of the roots of SQL and relational databases; after this introduction, the book covers select statements and the basics of a query. Each chapter builds on the next, and the book follows a simple progression, adding complexity as it goes along.

This book is a very easy read -- it flows much better than a textbook, yet still conveys the information it promises. However, it's definitely for newcomers to SQL. So, if you have any experience in SQL this would not be the best choice. (Chapter 1 explains the concepts of a cell, row, column, and table, which might be enough to let you decide if this book is at the right level for you.) Throughout the book, the author relies on applying each newly introduced concept to a single relational database example. This hypothetical database (a table of employees trying to calculate their meal credits) makes the book feel consistent, and helps eliminate confusion about where the example information comes from, but it's also limiting for readers who want a broader range of examples.

One of the greatest strengths of this book is its wealth of code examples and accompanying tables. In contrast to many other manuals, this book illustrates queries along with their effects on the tables. Other SQL books (ones I consider going up to "layer 2" SQL) have many example queries, but some of them fail to show any sort of results from their example tables. Also, much of the code in SQL Fundamentals is well documented, with footnotes explaining any changes that occurred.

Caution: Beginner Book The book is called SQL Fundamentals. However, in this case, the fundamentals are only as they apply to the Oracle and Access databases. It mentions the existence of other distributions at the beginning of the book: "Oracle, Access, DB2, MS SQL, Informix, SQL Windows, Sybase, SAS sql procedure, FoxPro, dBase, Tandem SQL, MySQL, SQLBase, Cold Fusion, SAP, Business Objects, ODBC, Ingres, Ocelot SQL, OsloData, PostgreSQL, Rapid SQL, XDB, SQL/DS, Mini SQL, Empress, Interbase, Progress, Supra, SQL Report Writer, Paradox, Delphi, VAX SQL, Essbase, Beagle SQL, GNU SQL Server, Just Logic/SQL, PrimeBase, Altera SQL Server, DataScope, and PowerBuilder." However, Patrick never speaks of them again; perhaps he should re-title this book SQL Fundamentals: Applied to Oracle and Access? Readers considering this book should keep this in mind. The book explains things well, but the book's overall logic is geared toward those using one of those databases, and the examples are relevant only in that context.

I primarily use MySQL and Progress, so a book explaining SQL fundamentals applied to Access and Oracle isn't going to help me unless I specifically take on projects which use these particular databases. Also, The book often goes into unneeded repetition of subjects: for instance, the first 150 pages are all about select statements. I've never seen so many select statements picking apart one table. I personally think it would benefit from being trimmed down, and leaving further study to the reader.

The Plug I would recommend this book to a newcomer to SQL. It covers the fundamentals just like it claims. After finishing this book, you will have a grasp on things ranging from the most basic select statements to unions, self joins, & cross-joins.

Something to consider might be what SQL database you will be working with. If you'll be working with either Oracle or Access this book will be helpful. If not, I suggest looking at things like Managing Using MySQL by O'Reilly.

Finally, from the text comes this concise answer to the question "Who Should Read This Book?"

Everyone with an interest in getting information from a database can read this book. It can be a first book about databases for people who are new to the subject. You do not need to be a computer programmer. The discussion begins at the beginning and it does not assume any prior knowledge about databases.

That seems like a fair summary; with the caveats already mentioned, I can recommend it for newcomers to SQL looking for a thorough but not patronizing introduction.

You can purchase SQL Fundamentals from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

BShive writes "Design Patterns is considered a classic for anyone in software development. The beginning third of the book is a solid introduction to patterns, while the last two thirds of the book is devoted to the patterns themselves. Many of the professionals out there probably already own a well-used copy of this book, but there are others who are wondering what all the fuss is about. The frequency of hearing about this text in discussions piqued my interest enough to buy it for myself. If you are interested in design patterns and are looking to use them, then this should be one of the books on your shelf." Read on for more. Design Patterns author Erich Gamma, et al pages 395 publisher Addison-Wesley rating 8 reviewer Ben Shive ISBN 0201633612 summary Design Patterns is considered a classic for anyone in software development. Many of the professionals out there probably already own a well-used copy of this book, but there are others who are wondering what all the fuss is about.

Introduction

I found the entire introductory section excellent, and a good read. It covers what design patterns are and explains how they are documented and categorized. Advice on where and how to employ design patterns to achieve reusable and flexible software is also covered to give you an expectation of what you can get out of the rest of the book. The What, Why, and How are covered nicely. Even with little previous exposure to patterns, I was able to understand the presented material easily and begin to see the applications.
Object Modeling Technique (OMT) notation is also introduced to explain the diagrams associated with the patterns and examples. If you have used UML, the diagrams and notations will be familiar to you since UML is influenced by OMT. Jim Rumbaugh, the creator of OMT, collaborated with Grady Booch to create the first version of UML.

As the author notes, having a solid knowledge of OOP is critical to being able to understand and use the information presented. If you don't fully understand OOP, pick up an introductory text first. An Introduction to Object-Oriented Programming by Timothy A. Budd or any similar book will get you up to speed. However, you will get the most out of Design Patterns with hands-on OOP experience.

Case Study

This chapter presents a case study in designing a WYSIWYG document editor to demonstrate how design patterns can be applied. Most of the examples in the book involve the user interface and I would have liked to see less emphasis on UI models. However, it still gives the reader insight into real applications of patterns. Not only do the authors point out how the pattern applies to each case, but they also present the problems associated with the application. The case study is not intended to set up a perfect example of pattern usage, but to explore it. The reader could go further with the design presented and think about how to solve the flaws pointed out along with the ones that have not been discussed. I liked the fact that they do not attempt to state that there is only one way to solve the problems presented, or that their solutions are even the best way. Too many authors fall into this trap.

Presenting: The Patterns

The three chapters on patterns make up the bulk of the book. The patterns are separated out into the three chapters by type: Creational, Structural, and Behavioral. Each chapter begins with an overview of what the patterns of the type can be used for, and how the chapter deals with the patterns as a group. At the end of each chapter there is a discussion section that summarizes the patterns, along with guidance on how to select the right one from the chapter.

Each pattern description contains a number of sections: Intent, Also Known As, Motivation, Applicability, Structure (in OMT), Participants, Collaborations, Consequences, Implementation, Sample Code, Known Uses, and Related Patterns. The breakdown makes it easy to determine if, why, and how you should use the pattern. The authors are justifiably concerned about using the wrong pattern for a given situation. The code snippets are also easy to work through as long as you know an OOP language. C++ is commonly used, with the occasional bit of Smalltalk code.

The three chapters that detail each pattern would be difficult to read right through. However, the opening and closing section of each chapter has valuable information and is worth reading and subsequently referring to some of the patterns discussed. I got the most out of these chapters by picking patterns that might apply to current projects I was working with and then exploring one in depth, branching over into other patterns in a non-linear fashion.

Conclusion

The closing chapter is relatively short, but makes some important points. The authors discuss what to expect from design patterns, some history and other references/influences. Re-factoring is discussed and how patterns will help mitigate this unavoidable process as the software evolves. Other benefits are also brought up briefly. The book closes with an invitation to give the authors feedback and to find patterns that you use. The best designs will use many design patterns that dovetail and intertwine to produce a greater whole.

Book Extras

The whole book has a quality feel to it that is missing from many current texts that cost nearly twice as much. Inside the front cover there is a quick reference to all of the patterns contained in the book with a brief description and page number. The back cover also contains a quick reference for diagram notation and the relationships between the design patters. This is all topped off by two bookmark ribbons attached to the spine.

The Age Issue

Design Patterns was originally published in 1995, and the book mentions that the patterns it contains are little changed from 1992! In the computer field this would be considered an ancient text with how fast software is updated and languages change. Despite this, since the material is not entirely dependent on a particular language or program it holds up quite well. The examples referred to for each pattern are older software that many will not recognize. An updated version would be nice, but being old does not condemn this book to being useless.

Summary

This is an excellent book even if it is beginning to show its age. The fact that it's still very useful is testimony to the quality of the material. A few readers might find the reading to be a bit dry, but the straightforward style was refreshing compared to some other texts. The authors stay focused on the topic and condense it appropriately without going off onto long tangents. Once I've followed through with applying some patterns to projects it might garner an even higher rating. Just from reading about some of the patterns, I could see how they could have applied to previous projects I've worked on, both large and small. The book was certainly a worthwhile investment. If a second version of this book ever comes out, I'd be sure to pick it up as well.

Chapters:
1. Introduction
2. A Case Study: Designing a Document Editor
3. Creational Patterns
4. Structural Patterns
5. Behavioral Patterns
6. Conclusion

Appendix:
A. Glossary
B. Guide to Notation
C. Foundation Classes

You can purchase Design Patterns from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

BShive writes "Design Patterns is considered a classic for anyone in software development. The beginning third of the book is a solid introduction to patterns, while the last two thirds of the book is devoted to the patterns themselves. Many of the professionals out there probably already own a well-used copy of this book, but there are others who are wondering what all the fuss is about. The frequency of hearing about this text in discussions piqued my interest enough to buy it for myself. If you are interested in design patterns and are looking to use them, then this should be one of the books on your shelf." Read on for more. Design Patterns author Erich Gamma, et al pages 395 publisher Addison-Wesley rating 8 reviewer Ben Shive ISBN 0201633612 summary Design Patterns is considered a classic for anyone in software development. Many of the professionals out there probably already own a well-used copy of this book, but there are others who are wondering what all the fuss is about.

Introduction

I found the entire introductory section excellent, and a good read. It covers what design patterns are and explains how they are documented and categorized. Advice on where and how to employ design patterns to achieve reusable and flexible software is also covered to give you an expectation of what you can get out of the rest of the book. The What, Why, and How are covered nicely. Even with little previous exposure to patterns, I was able to understand the presented material easily and begin to see the applications.
Object Modeling Technique (OMT) notation is also introduced to explain the diagrams associated with the patterns and examples. If you have used UML, the diagrams and notations will be familiar to you since UML is influenced by OMT. Jim Rumbaugh, the creator of OMT, collaborated with Grady Booch to create the first version of UML.

As the author notes, having a solid knowledge of OOP is critical to being able to understand and use the information presented. If you don't fully understand OOP, pick up an introductory text first. An Introduction to Object-Oriented Programming by Timothy A. Budd or any similar book will get you up to speed. However, you will get the most out of Design Patterns with hands-on OOP experience.

Case Study

This chapter presents a case study in designing a WYSIWYG document editor to demonstrate how design patterns can be applied. Most of the examples in the book involve the user interface and I would have liked to see less emphasis on UI models. However, it still gives the reader insight into real applications of patterns. Not only do the authors point out how the pattern applies to each case, but they also present the problems associated with the application. The case study is not intended to set up a perfect example of pattern usage, but to explore it. The reader could go further with the design presented and think about how to solve the flaws pointed out along with the ones that have not been discussed. I liked the fact that they do not attempt to state that there is only one way to solve the problems presented, or that their solutions are even the best way. Too many authors fall into this trap.

Presenting: The Patterns

The three chapters on patterns make up the bulk of the book. The patterns are separated out into the three chapters by type: Creational, Structural, and Behavioral. Each chapter begins with an overview of what the patterns of the type can be used for, and how the chapter deals with the patterns as a group. At the end of each chapter there is a discussion section that summarizes the patterns, along with guidance on how to select the right one from the chapter.

Each pattern description contains a number of sections: Intent, Also Known As, Motivation, Applicability, Structure (in OMT), Participants, Collaborations, Consequences, Implementation, Sample Code, Known Uses, and Related Patterns. The breakdown makes it easy to determine if, why, and how you should use the pattern. The authors are justifiably concerned about using the wrong pattern for a given situation. The code snippets are also easy to work through as long as you know an OOP language. C++ is commonly used, with the occasional bit of Smalltalk code.

The three chapters that detail each pattern would be difficult to read right through. However, the opening and closing section of each chapter has valuable information and is worth reading and subsequently referring to some of the patterns discussed. I got the most out of these chapters by picking patterns that might apply to current projects I was working with and then exploring one in depth, branching over into other patterns in a non-linear fashion.

Conclusion

The closing chapter is relatively short, but makes some important points. The authors discuss what to expect from design patterns, some history and other references/influences. Re-factoring is discussed and how patterns will help mitigate this unavoidable process as the software evolves. Other benefits are also brought up briefly. The book closes with an invitation to give the authors feedback and to find patterns that you use. The best designs will use many design patterns that dovetail and intertwine to produce a greater whole.

Book Extras

The whole book has a quality feel to it that is missing from many current texts that cost nearly twice as much. Inside the front cover there is a quick reference to all of the patterns contained in the book with a brief description and page number. The back cover also contains a quick reference for diagram notation and the relationships between the design patters. This is all topped off by two bookmark ribbons attached to the spine.

The Age Issue

Design Patterns was originally published in 1995, and the book mentions that the patterns it contains are little changed from 1992! In the computer field this would be considered an ancient text with how fast software is updated and languages change. Despite this, since the material is not entirely dependent on a particular language or program it holds up quite well. The examples referred to for each pattern are older software that many will not recognize. An updated version would be nice, but being old does not condemn this book to being useless.

Summary

This is an excellent book even if it is beginning to show its age. The fact that it's still very useful is testimony to the quality of the material. A few readers might find the reading to be a bit dry, but the straightforward style was refreshing compared to some other texts. The authors stay focused on the topic and condense it appropriately without going off onto long tangents. Once I've followed through with applying some patterns to projects it might garner an even higher rating. Just from reading about some of the patterns, I could see how they could have applied to previous projects I've worked on, both large and small. The book was certainly a worthwhile investment. If a second version of this book ever comes out, I'd be sure to pick it up as well.

Chapters:
1. Introduction
2. A Case Study: Designing a Document Editor
3. Creational Patterns
4. Structural Patterns
5. Behavioral Patterns
6. Conclusion

Appendix:
A. Glossary
B. Guide to Notation
C. Foundation Classes

You can purchase Design Patterns from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Mike Clark writes "There are many security books on the shelves today. Most of them describe the same hacker tools and methods. They don't get very technical and once you've read one, you've read them all. Building Open Source Network Security Tools is a different breed of security book." Read on for the rest of Mike's review. Building Open Source Network Security Tools author Mike D. Schiffman pages 424 publisher John Wiley & Sons rating 9 reviewer Mike Clark ISBN 0471205443 summary How to use open source libraries, such as libpcap and libdnet, to build network security tools.

Building Open Source Network Security Tools , just as the name suggests, is about how to build network security tools. This is a technical book, so you are going to have a little knowledge of C and your networking principles. This is definitely not a manager's book.

First the book describes some basic principles in developing security software. This is a quick primer in case you have never been involved in software development. Next the book goes on to describe several commonly used libraries like libnet and libpcap. For each library, the structures and functions are explained, then there is sample code. I have written programs using libpcap and libnet before, and I still learned something. There is even a section on OpenSSL programming. OpenSSL is a rather large and cryptic, no pun intended, library (in my experience anyways). This book sheds some light on it! These chapters are a great reference to have when making a new security tool.

The author then goes on to explain the several techniques like attack and penetration and active reconnaissance. Not only does the author tell you how they would in a technical sense, he provides code that does it, and explains each piece. This is very useful since most tools in the wild aren't very well commented ;) There is also a chapter on buffer overflows and format string vulnerabilities. These chapters are very well done and do a good job in explaining how they work and how to write code to use them. It may sound like this is an offensive hacker book, but it also gives examples on how to write defensive programs, like a port scan detection tool. At the end of the book the author ties it all together with a large program that utilizes many of the techniques mentioned in the book.

I found this book to be very refreshing. I had been waiting for a good security programming reference, and this is it. As a part of the Honeynet Project, I have seen a large number of compromises and tools, and one thing I've found is that in order to truly know who your enemy is, and how they operate, you need to know how their tools work. I wish this book had been released years ago when I first became interested in network security. It would have saved me from stumbling around old web pages and dead links. If you're an information security professional, this book is a must have for your library.

You can purchase Building Open Source Network Security Tools from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

axis-techno-geek writes "This is the tenth Dune novel, and the fourth co-authored by Brian Herbert (the son of Frank Herbert) and acclaimed sci-fi writer Kevin J. Anderson. The story in this Dune novel takes place 10,000 years before the original Dune novel and gives the reader more foundation on how the empire we know from the previous 9 book came to be." Read on for the complete review. The Legends Of Dune - Volume 1: The Butlerian Jihad author Brian Herbert and Kevin J. Anderson pages 624 hardcover/3041 Palm eBook publisher Tor Books/Palm Digital Media rating 7.5 out of 10 reviewer axis-techno-geek ISBN 0765301571/eISBN: 0-312-70808-4 summary A historical account of the �Dune� universe 10,000 years before Muad�Dib

The book starts out by giving a history of how the Titans took over the "Old Empire" after humanity had lost its drive and had relegated intelligent machines to handle the everyday tasks. The Titans used this lack of drive and the intelligent machine to quickly take over the Old Empire and conquered most of the known galaxy. Free humans rose up at the fringes of the galaxy to resist and push the Titans back, forming "The League of Nobels".

The Titans governed their planets with a increasingly sophisticated AI network and increasing brutality towards their human "slaves". In a bid to rule for centuries, and for possible immortality, the Titans underwent the transfiguration to "cymeks", robots with a human brain. After a century of Titan rule, one of the Titans, in a quest for more free time to indulge in hedonistic activity, relinquished too much control to his intelligent AI network. Eventually the sentient AI network computer evermind, which took the name Ominus, took control of all the Titan controlled planets and formed the "Synchronized Worlds".

After a thousand years of conflict and stalemate between the Synchronized Worlds and the League of Nobels the machines, with coaxing from the Titans, have determined that it is time to "corral" the wild humans and strike out, the logical target, Salusa Secundus, the center of government for the League of Nobels . Being so "unpredictable" to Ominus, the humans, taking huge losses, again resist the machine attacks. In part due to the AI scrambler shield invention of one Tio Holtzman that stops robots, but in an oversight, allowed the Titan cymeks, with their human brains, through.

Reconsidering their tactics, the machines instead move on one of the less vehemently defended planets, an industrial world with an abundance of resources, Giedi Prime. This time the machines manage to knockout the shield generator and take the planet. Once the league hears of this, the endless debates start within their government, as with any democracy, nothing gets done because all the politicians are afraid to commit. All except Serena Butler, she instead organizes a small band to sneak onto Geidi Prime and complete the secondary shield generator. This leads to Serena's capture and eventual transfer to the primary Synchronized World, Earth.

We get to see the first "friction" here between the Atreides and Harkonnen, the Sorceresses of Rossak with their telepathic and telekinetic powers are the beginnings of the Bene Gesserit. The foundation is laid for the Suk doctors, and the cover blurb that I read mentioned the Swordmasters of Ginaz, but I found only a slight mention of the planet Ginaz. Another cover blurb I read mentioned the Mentat school, but there was nothing in this book, one could see the use for them as the League of Nobels did not use any computers.

The book flows very well and I found myself drawn to read more and more. The book does not have the intricate plot within plot layout as the other Dune works, but then this book is being narrated from a historical perspective. Given this, I found most of the characters actions predictable, but I have read all other 9 books, so this being a "historical" narrative, this keeps the characters close to their roles that were hinted at/layed out in the previous novels.

I give credit to Brian Herbert for the foresight of enlisting the help of Kevin J. Anderson in the creation of the Dune "prequels" as he openly admitted that he did not possess all of the "tools" required to under take this project, kudos.

You can purchase The Legends Of Dune - Volume 1 from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Craig Maloney writes "Linux Programming By Example is a book aimed squarely at programmers learning how to program the Linux and UNIX system for the first time." Read Craig's review of Linux Programming by Example (below) to find his take on whether the book delivers on the promise of its title. Linux Programming By Example author Kurt Wall pages 533 publisher QUE (InformIT) rating 9/10 reviewer Craig Maloney ISBN 0789722151 summary Linux Programming by Example is a concise and solid introduction to programming under the Linux system. Excellent instructions accompany fully-working examples of code.

There are plenty of books on this topic as any trip to the bookstore will show. Where this book excels compared with other Linux programming books is its consistent focus throughout. Other books tend to explain a multitude of concepts without relating them back to a real-world example. In Linux Programming By Example, the author introduces a concept, and explains it with an example. In the last chapter, the author integrates the knowledge he's presented, utilizing many of the book's concepts in building a simple CD-Database program. Of course, not all of the concepts relate to the final CD database (The chapters TCP/IP Programming, The Sound API and Using the Mouse are not referred to in the final program), but it's helpful for beginning programmers unsure how all of these pieces fit in the bigger picture of a working program.

Begin at the beginning

Linux Programming By Example begins with topics that don't get covered until the end of many books. The book starts by discussing how to use GCC and make on a Linux machine, and how to create a Makefile. It's always puzzled me why some books don't cover the compiler or the make process until the end of the book. What's the point in that? Granted, chapters in debugging and RCS are left to the end of the book, but presenting key concepts in the development process early in the book helps the reader to get a better feel for how all of these concepts interrelate in a Linux/UNIX environment.

Moving forward

From the basics of compilation and making programs, the book moves to the basics of a Linux system in Part II: System Programming. This is where the book truly shines. In the section on processes, Wall discusses the elements that make up a process, how to manipulate a process, and why you would want to do this anyway. The book assumes no prior UNIX knowledge, but doesn't plod along like most introductory texts. In the section on signals, the book defines what signals are, early signal APIs and their issues, POSIX and Linux signal APIs, and how to use signals and signal sets. In this chapter, the author not only lists the signals supported by the Linux system, but also other signals supported by POSIX and other UNIX systems. While this might sound confusing, the author takes time out to explain which signals are really important in a Linux environment. This is a key reason why this book retains its readability without losing depth. Each chapter in the System Programming portion of the book retains this format -- not only demonstrating what the topic is, but also where this fits in a Linux/UNIX system and why you would even bother to know this in the first place.

What's good?

Linux Programming By Example is clearly aimed at getting programmers up to speed on not only programming Linux systems, but also POSIX based systems. Wherever possible, the author makes a point of pointing out the POSIX way. This book could have been easily called POSIX Programming by Example. The author also makes no bones about implementation issues with Linux and the POSIX or System V way of implementation. The book clearly states where Linux falls short of the full POSIX standard, and where pitfalls with porting code from other systems may occur. It's a refreshing change from other beginner texts which assume the reader will discover these pitfalls on their own.

So what's in it for me?

If you're looking for a quick, effective way to get up to speed in Linux and UNIX programming without breaking the bank, Linux Programming by Example is the book to take you there. This book is designed for programmers who are familiar with programming on other systems but haven't dealt with Linux before.

You might have trouble locating this book, since QUE let it lapse for a while, but there should be another batch hitting stores soon. You won't be disappointed.

You can purchase Linux Programming By Example from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

TheThinMan writes "This is the completely updated second edition. Four years ago I made the first edition my constant companion and it has saved me, and any other web developer nearby, weeks of head-scratching since. Back then we had to tussle with Netscape Navigator 4 vs. Internet Explorer 4 while supporting the version 3 browsers. Though the browser war is over and all sides have vastly improved their products, DHTML has moved on. This edition brings home just how much has changed and just how much is new. Most importantly, it helps you to develop web interfaces that will be cross-platform from the outset." TheThinMan's thoughts on the book continue below. Dynamic HTML The Definitive Reference (2nd edition) author Danny Goodman pages 1400 publisher O'Reilly rating 10 reviewer TheThinMan ISBN 0596003161 summary The most complete reference work for HTML, DOM, CSS and Javascript, cross referenced for all the major browsers and standards.

What's in the book?

The book is not an introduction to DHTML but it does have an 183-page section on Applying DHTML that covers not only the current state of the art but also gives clear guidance in making use of all the features. The guidance is of a good enough standard that a firm's Quality program could simply cite this book as the basis for the web development standards that a team adopts. Goodman makes it very clear that he is not going to discuss the DHTML that Navigator 4 introduced, the <layer> tag and JavaScript style rules, but points out that they are covered in the first edition should you really need to know.

The layout of the book is the same as the first edition, with the reference sections divided into HTML, DOM (Document Object Model), CSS (Cascading Style Sheet) and JavaScript. A new section for Events also makes an appearance. The reference sections on HTML and DOM have sub-sections that precede them on the shared attributes of all elements. These are particularly useful and I think should be committed to memory.

There is also a very curious Cross Reference section that has an HTML/XHTML attribute index and a DOM property, method and event handler index. It takes each HTML/XHTML attribute and shows which elements support it and then each DOM scriptable object property, method and event and which objects support it. I'll confess I've never had any call to use this section but I can see how it could come in handy -- and it hardly takes up much dead tree.

The upper limit of standards coverage is HTML 4.01, XHTML 1.1, CSS Level 2, DOM Level 2, and JavaScript (or ECMAScript) 1.5. The browsers considered are IE6 (Windows), IE 5.1 (Mac), Netscape Navigator 6 and 7 and Mozilla 1.0. Opera is also mentioned in the section on Applying DHTML in that it mostly follows the IE DOM. The timeline for any element can go back as far as HTML 3.2, Navigator 2 or IE 3.

As you would expect, there are some useful appendices: Color Names and RGB Values, which I expect to be using more now as sites are required to meet Accessibility guidelines; HTML Character Entities, for when you don't have a copy of Macromedia Dreamweaver or when your favourite HTML editor doesn't have a complete list; Keyboard Event Character Values, for your scripts when you want to catch all those key presses; Internet Explorer Commands, which along with the MSHTML.dll can allow the creation of a very neat content editor quite quickly and easily; and finally, an HTML/XHTML DTD Support cross-reference that may help catch validation errors as you move from an HTML 4.01 Transitional DTD to a full-on XHTML 1.0 Strict DTD.

What makes it worth having?

The quality of Danny Goodman's writing is both technically accurate and easy to read. The clarity and lack of fluff is good, but there is no skimping on detail where such is needed to illuminate a point. Let's face it: web development is not as complex as most software engineering or systems development tasks, but it is a discipline with quite a wide base, reflected in the 1400 pages of this tome. I wouldn't trim any of it, however, and I expect that after about a year of use I will have referred to a good proportion of the contents. Take, for instance, Goodman's estimate that there are more than 15,000 unique instances of properties, methods, and event handlers supported by numerous document objects and you get an good impression of the size of the documentation required.

The book could be regarded as two books in one: There is the Applying DHTML book and the Reference book. The best things about the reference sections are the excellent descriptions, the clear little examples, and especially the quick summary of where you can expect these things to be supported. Referring to this book is the simplest way to avoid going down the proprietary browser extension cul de sac.

The Applying DHTML section is worth reading all the way through. It is great for getting yourself into the various technologies and seeing how they are meant to work. There are interesting points made on how each of the technologies are evolving. There's material contrasting the various DOM implementations and there are chapters on style sheets, positioning in CSS, making the content dynamic (of course, this is what DHTML is all about, after all) and scripting events.

There is a very useful cross-platform API for DHTML (which can be downloaded as a zip file along with the other examples from the book on O'Reilly's web site). I've used the version from the first edition quite a lot, and I've used the new version in my most recent work. It doesn't rely on browser version sniffing, but rather on object detection, which is explained with some examples, and can be easily extended to handle any DOM call you may wish to make. The API is especially useful for any CSS positioning tasks you may have. Goodman also goes over other strategies you can adopt to make your sites cross-platform, such as page branching, designing for a common denominator, and some other, neater, solutions.

There isn't anything on Accessibility other than a single paragraph drawing your attention to the Web Accessibility Initiative (WAI). DHTML and Accessibility could be considered inimical but that isn't the case and I'd perhaps have liked to see this elaborated on with some suggestions on how to achieve an Accessible site while still using DHTML. In practice, however, I've found it easy to meet the Priority 1 checkpoints (or A rating) set by the WAI even with a complete DHTML site so perhaps this is not really an issue.

I find this book really useful. I can't imagine any web developer doing without this book and managing to produce a good cross-platform solution, and I also can't imagine that developer needing any other texts on any of the technologies covered here. I certainly don't have any others on my desk today.

The O'Reilly web site has a complete Table of Contents available. You can purchase Dynamic HTML The Definitive Reference from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

EnlightenmentFan writes "In When Things Start to Think, MIT Media Lab whiz Neil Gershenfeld predicts an appealing future of seamless, foolproof computers. User alert: Relentless optimism ahead. (I am ready to let MIT graft smart chips into my skin some day after my PC goes a week without crashing.) This is the book to buy for your folks to get them excited about nerds. It does also have some interesting stuff for nerds themselves." Read on for Enlightenment Fan's review. When Things Start to Think author Neil Gershenfeld pages 225 publisher Owl Books (paperback) rating For Slashdotters: 5 to read, 9 to give your folks reviewer EnlightenmentFan ISBN 080505880X summary Seamless, foolproof mini-computers coming up.

One underlying theme dear to Gershenfeld's heart is the death of traditional academic distinctions between physics and engineering, or between academia and commerce. Applied research is real research.

Another major theme is that older technologies should be treated with respect as we seek to supplement or replace them. For example, a laptop's display is much harder to read in most light than the paper in a book.

The book starts by drawing a contrast between Digital Revolution and Digital Evolution. Digital Revolution is the already-tired metaphor for universal connectivity to infinite information and memory via personal computers, the Internet, etc. Digital Evolution describes a more democratic future, from Gershenfeld's point of view, when computers are so smart, cheap, and ubiquitous that they do many ordinary chores to help ordinary people. When things talk to things, human beings are set free to do work they find more appealing.

"What are things that think?" asks the first section of the book.

Gershenfeld's whizbang examples won't be big news to Slashdot readers. My favorite, the Personal Fabricator, ("a printer that outputs working things instead of static objects")-- whose relationship to a full machine shop analog is like that of the Personal Computer to the old-fashioned mainframe. Gershenfeld actually has one of these in his lab (it outputs plastic doohickeys)--seeing it was one of the high points of my visit there.

"Why should things think?" asks the second section.

My favorite here is the Bill of Rights for machine users. (In true Baby-Boom style, it's of list of wants arbitrarily declared to be rights.) "You have the right to

• Have information available when you want it, where you want it, and in the form you want it

  Be protected from sending or receiving information that you don't want

  Use technology without attending to its needs"

Under the heading "Bad Words," Gershenfeld offers a snide but useful summary of many high-tech pop-sci buzzwords, showing how they get misused by people who don't understand their real content or context.

"How will things that think be developed?"

By making them small and cheap. By getting industry to pay the bills for targeted, practical research, using the Media Lab model TTT ("Things That Think.") By reorganizing education on the model of the Media Lab, where students learn things as they need them for practical projects, not all at once in a huge, abstract lump.

The book concludes with directions to various websites, including the Physics and Media Group (One of their projects these days is "Intrabody Signaling.") Slashdotters might also be interested in Gershenfeld's textbooks The Nature of Mathematical Modeling and The Physics of Information Technology.

You can purchase When Things Start To Think from bn.com, and Amazon has the book paperback discounted to $11.20. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

bbagnall writes "Vehicles, by Valentino Braitenberg, presents a different way of thinking about thinking, one tied more closely to sensing and acting as opposed to long, detailed calculations. In many ways it's similar to the strategy of robot programming advocated by Rodney Brooks, however Braitenberg's ideas came first so he probably deserves more recognition for this train of thought than the much more publicized Brooks." The book is not new (it's in reprint mode now, was published first in 1986), but relevance trumps novelty. Read on for the rest of the review. Vehicles: Experiments in Synthetic Psychology author Valentino Braitenberg pages 168 publisher MIT Press rating 8/10 reviewer Brian Bagnall ISBN 0262521121 summary Profound, easy to read theories about intelligence in robots.

Valentino Braitenberg has written one of the cleanest books on robot behavior ever published. It is apparent he wrote exactly what he wanted; no more, no less. The total size of this book is 152 pages, but that seems to be exactly the proper size for the topic he has chosen. Other authors (or editors) would probably say that's not enough pages. It has to be 250, minimum! 400 is better! Not Braitenberg. Vehicles has the raw ideas of a 400-page book. In fact, if you take the proper amount of time to ponder each idea it might even take as long as a 400-page book to get through.

This book contains descriptions of various robots, which Braitenberg calls vehicles since they all use wheels for mobility. They start off simple, then gradually become more complex with each chapter, each new robot being an evolutionary step up from the previous one. In fact, rather than starting with "Chapter 1," Braitenberg starts with "Vehicle 1," and so on. By Vehicle 14 these robots could hardly be said to differ from actual living creatures in the way they behave (though Vehicle 6 describes self-reproducing robots, which is currently beyond our ability to duplicate).

Each new vehicle focuses on an animal behavior: moving, aggression, fear, love and how these can be created in a mechanical vehicle. Braitenberg has a rare mind that can think up original, non-intuitive ideas backed by logic. He also has the ability to present them well. There are a few penalties from Braitenberg's minimalist approach, however. Plain, minimal language can be a bit boring at times, stripping the book of character. Sometimes I like big words and clever turns of phrase that make my mind work, such as the writings of Douglas R. Hofstadter.

How minimal is it? Vehicle 1 contains two pages of text and one page for a diagram. I can just imagine the editor receiving chapter 1 from Braitenberg and saying, "Where's the rest of it?" But it is the perfect length for the simple robot it describes. Vehicle 2 is two pages, plus two pages for two diagrams, and so on. Honestly, for the first four chapters a 12-year-old could read this book and get the same from it as a university professor. His minimalism is admirable, however at times it can feel maddeningly incomplete.

Vehicle 5 (logic) begins by explaining a system of inhibitors that can build a thinking machine. What he is really explaining is the basis for a neural net, however he attempts to do it in five pages. Are five pages enough to explain a neural net? Unfortunately, No. This seemingly simplistic approach actually means he is leaving out vital parts of the explanation that prohibit complete understanding. More description in this chapter would be incredibly helpful. He doesn't talk enough about how the "pulses" given to the neural network gates add up. Is there a cumulative effect going on? After a 1-paragraph explanation he shows 2 examples and describes what they do, but unfortunately he doesn't explain them enough for me to understand the mechanism. Thankfully instances like this are rare, and Vehicle 5 was the only description lacking.

Vehicle 6 describes chance and the role it plays in natural selection. He describes chance as "a source of intelligence that is much more powerful than any engineering mind." Never before have I directly thought of natural selection as being intelligent, but once Braitenberg said it, it sunk in that, Yes, natural selection is intelligent; much more intelligent than any human who ever lived. It is the most skilled engineer ever, making machines of unbelievable complexity and ability. And this "intelligence" has no form, no body. It has always been around since life began and it will always be around until the universe ceases to exist. It is a process; an invisible concept. And yet it is more intelligent than any human.

Artificial Intelligence authors often state the importance of language and symbols, but one can't help but notice that animals seem to do fine without language. And aren't animals intelligent too? He demonstrates that we always assume because an animal reacts a certain way towards an object it must store a symbolic representation of this object. That seems to be reasonable, but Braitenberg demonstrates you can get what appears to be symbolic thought when in fact internally there is no symbol stored -- just electronic paths. It causes one to rethink some well-entrenched ideas about AI. What about meditation? I know when I'm in a meditative state (not thinking/using language) I can perform some actions like sweeping, making food, walking, etc.. So just how important are symbols? Is there a limit to the thoughts that can occur without symbols? I don't think this demolishes the importance of symbols -- likely they are needed to create new ideas -- but they might have their place, one less central than we generally suppose.

At the heart of each vehicle are the pathways that the wires make as they connect sensors to motors. The robots in the first 2 chapters consist of a few sensors, a few motors, and a few wires connecting them. There are no CPUs in any of the robots, except for when the wire connections become so complex, embodying logic, that they effectively become CPUs themselves. The later chapters get into concepts that would not be as easy to replicate in actual robots, and rely a little more on speculation than hard fact. He addresses such difficult topics as getting ideas and having trains of thought. Most of the robots, up to perhaps Vehicle 9 (excluding the evolutionary vehicle) could likely be built in reality. With the recent advent of Lego Mindstorms, the perfect canvas exists to create these types of simple robots, and a programming environment like leJOS Java would make it possible to simulate the wiring described in the book. Maybe someone will eventually recreate the Vehicles in the book using these tools.

The book also includes imaginative artwork of the robots, done in a thought-provoking, abstract style. Unfortunately, rather than interspersing them throughout the book at the appropriate chapter, the editors have placed them all at the end of the book, where they are ineffectual. By the time you get to them, you've either forgotten the thrust of the robot described in the chapter or have mulled over the robot enough already. Having these pictures within each chapter would give the reader something to look at while pondering the meaning of these robots.

So what is this book really about? Well, everyone who reads it probably has his or her own opinion. Braitenberg himself calls it a fantasy with roots in science. I think it is partly about our own origins through evolution, and how something as complex as the human mind might have got started. It's also a bit of a roadmap as to how we might be able to construct our own complex, thinking machines. Braitenberg is laying out no less than the evolution of our brain. For people interested in these topics, he uses his vehicles to construct another metaphor with which to study Darwinian evolution.

Braitenberg includes a section at the end of the book titled "Biological Notes on the Vehicles." These describe the concepts of his robots and how they relate to actual observations in biological creatures. As a scientist, he has done a world of research into brains. I've read his previous book, On the texture of brains: an introduction to neuroanatomy for the cybernetically minded. Though not a popular book, it is evident he is very meticulous in his research. He has dissected and examined fly neurons under microscope for weeks at a time, and from this work, as his mind pondered what he was seeing, came the realizations described in Vehicles. It's quite a treat to read the results of his thoughts without having to do the tedious work yourself! It all adds up to Braitenberg's startling conclusion (which he states at the beginning): The complex behavior we see exhibited by thinking creatures is probably generated by relatively simple mechanisms.

You can purchase Vehicles from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

habit forming writes "Enjoy using Perl? Ever marvel at how Perl can "do the right thing" but still be written in C? Extending and Embedding Perl aims to take the black magic out of understanding our favorite language. In fact, the authors flat out admit they think it is unfair that only so few of us get to have one foot in Perl and one in C. Tim Jenness and Simon Cozens attempt to break down that barrier with lots of annotated code examples, direct analogies from the structures in Perl to those in C, a fine-grain look at XS and what it takes to robustly use a Perl interpreter in C." Extending and Embedding Perl author Tim Jenness and Simon Cozens pages 375 publisher Manning (http://www.manning.com/) rating 8.7 out of 10 reviewer habit forming ISBN 1930110820 summary Get in touch with the inner Perl. What's that up your sleeve?

It is my experience that many situations require us to "look under the hood" of (thoroughly examine) a solution to understand how to best use it effectively. Perl is no exception. The ability to bring such a force as Perl to a project at the proper time is a valuable skill to possess. However, wading chest-deep into XS and the Perl internals is not for the faint of heart. Jenness and Cozens ease this process by stepping in lightly at first.

What's in it?

The book begins with simple C examples that are then related back to the readers' knowledge of Perl. Then the text seems to throw us a curve by leaping off into building Perl modules. But there is method to the madness: building Perl modules correctly is inextricably linked to XS. Light introductions to XS are performed and the reader is well on his/her way to building .so extensions to any .pm.

After building a very specific foundation of simple C examples, module building, and some XS, the text returns to C to introduce pointers, arrays, file I/O and memory management. With these new skills, we begin to explore the structure and implementation of Perl variable types. Chapter 4 provides many useful diagrams of how Perl variables "look" and what C structures they translate into.

Still following a logical and constant order, we explore the Perl 5 API, learning how to post and retrieve information to the variable types explored in the previous chapter. As much as it might seem, this is not a rehash of the perlapi doc. It is consistent with the perlapi doc, but Jenness and Cozens provide extensively annotated C code examples.

Casting deeper still, we add the advanced C of pointers, arrays, file I/O and memory management to our knowledge of XS. At this point we have everything we need to effectively extend Perl, but the text continues deeper still by exploring how XSUB interfaces to Perl's internals. It is only the clearly documented, step-by-step explanations of this chapter that make it manageable for an average user like myself. Chapter 7 ends our stint with XS by discussing some alternative XS (or equivalent code) generation suites.

Switching gears entirely, we grab libperl.a and stuff into a C program. Chapter 8 begins the task of embedding Perl into a C program. Jenness and Cozens continue the embedded discussion through a Case Study in Chapter 9 and end with a look through the Perl internals in Chapter 10.

The final chapter (Chapter 11) details some of Perl's history, its development process, how we could become involved and what the future of Perl and Perl 6 may entail.

Final Thought

This book was indispensable in gaining a good foothold on using Perl in, from, and around C. I found it a good reference guide as well as an easy ,linear read. It is not a replacement for the perlguts, perlapi and perlxs documentation, but then again, it doesn't try to be. The annotated code examples with every line explained make following the book with development of your own solution a lot easier than in some other books. However, the in-depth explanations can be a bit frustrating for the impatient.

You can purchase Extending and Embedding Perl from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Peter Wayner writes "The book Creating Applications with Mozilla did not set out to capture the essence of modern open source software development in a few hundred pages, but it comes closer to that unreachable goal than almost any other book I can imagine. Everything is there: the proliferation of acronyms, the funky names, the endless layers, the earnest collaboration, the unstoppable yearning for customizability, and, of course, plenty of source code. The book is just supposed to be teaching us how to turn Mozilla into a front end for everything, but it's really a distilled exhibit of all that is hip and now in code creation." Peter's review continues below. Creating Applications with Mozilla author David Boswell, Brian King, Ian Oeschger, Pete Collins & Eric Murphy pages 454 publisher O'Reilly rating 9 reviewer Peter Wayner ISBN 0596000529 summary How to use the Mozilla APIs to do anything.

On the first and most obvious level, the book is just the typical, thorough treatment of the important APIs that we've come to expect from O'Reilly. There are chapters addressing all of the important layers of the Mozilla platform and plenty of examples that show you how to customize the platform. Some may want to change the icons and others may want to add more robust features. The range of possibilities is surprising and coders are creating one-to-one communications enhancements, add-on widgets, and even games. There are certainly some things missing, and some areas that could use more detail or more complicated examples, but the book is already 454 pages long.

On another level, this book is also one of the first finished documents that explains what the Mozilla group has really been up to for the past five years. Some have abandoned the project, and others have attacked it as fundamentally misguided. This book shows why it took so long by demonstrating all of the cool features added during the long march to a new, thoroughly extensible architecture.

Are the results enough to justify the time and the effort? Some note that the features may be a bit overhyped, because building your own browser with the Mozilla API is like making a pizza with $15 and a telephone. While there's a large part of the book devoted to the work you can do to change the look and feel of the buttons on your browser, the book and the project offer much more. The Mozilla project is one of the biggest threats to simple tools like Visual Basic to come down the pike in some time. The various layers offer many ways to provide good, customizable interfaces to databases, the web, and much more. I can see how many corporate development shops may want to start making Mozilla the platform for a license-free front-end, simply because it's a straightforward tool without extra costs or restrictions.

At the most abstract level, the book is a great way to get a taste of modern software development. Computer scientists sometimes fix problems by adding more and more layers of indirection. This may not solve anything, but at least there are hooks for a real solution to use some time in the future if some one ever does figure out how to make the box do it. The Mozilla browser is one of the most extreme examples of this philosophy to ever emerge. Emacs was something special, but this is even more insane. Everything can be changed around by rewriting some XML and Javascript and most people don't need to juggle the pointers in grubby C to do amazing things. I realize it's not as beautiful as Lisp to some, but it's got a clarity and level of abstraction that's stunning to behold. Lisp was just procedural, while XML is more like logic programming.

This relentless customizability embodies one of the deepest reasons for the success of open source. Technology is inherently complicated and the only way we can use it is if we can look under the hood. You can say all you want about CVS trees and bazaars filled with competing code, but opening up the interface is one of the most powerful themes of open source. It's not about teaching people to build their own VCR or PVR from scratch, getting the VCRs for free or even debugging the VCR's source code -- it's just about making them easy enough to program.

The book illustrates how Mozilla opens up the API to create a relatively easy language for people to use. The real open source is not the C in the tar ball, but the XML interface spelled out in the book. Many people feel that the most important thing that the first browser designers did was make it easy for people to see the HTML tags marking up the document in front of them. The new Mozilla takes this transparency to a new high.

If you look at the book at all of these levels, you can see that this is one of the most important documents to emerge from the open source community in some time. At first glance, it's just another set of APIs for us to wiggle. I realize it's not fair to credit the Mozilla team or the book authors with creating the browser or XML ex nihilio -- they just jumped on some of the most popular bitwagons propagating across the Net. But the result is a stunning completion of a very important and cohesive vision. The book doesn't crackle with bleeding-edge novelty, but shines with the certainty of a job well-done.

Peter Wayner is the author of Translucent Databases , Disappearing Cryptography , and a number of other books. You can purchase Creating Applications with Mozilla from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

actiondan writes: "Constructing Accessible Web Sites is about how to build websites that can be used by people who rely on assistive technologies to browse the web. When I picked up this book, accessibility was an area that interested me but I am now convinced that it should be in the thoughts of every web developer. Some of the laws that are emerging to regulate accessibility look positively scary and there are lots of other good reasons to take accessibility seriously." Read on for the rest of his review. Constructing Accessible Web Sites author Jim Thatcher, Paul Bohman, Michael Burks, Shawn Lawton Henry, Bob Regan, Sarah Swierenga, Mark D. Urban, Cynthia D. Waddell pages 415 publisher Glasshaus rating 8 reviewer actiondan ISBN 1904151000 summary The whys and hows of making web sites accessible to all.

What does the book cover?

Chapter 1 is an introduction to web accessibility. I would guess that most people who pick up this book will already know at least a little bit about accessibility, but this chapter provides a good overview and presents some compelling arguments for providing accessible websites. Interestingly, none of these is based on a moral argument -- they are all sound reasons why it is in the interests of an organization to think about accessibility. For example, one of these sections mentions that people with disabilities in the U.S. are estimated to control a discretionary income of over $175 billion. Making a site accessible to these people gives it access to an additional market that non-accessible sites cannot tap.

This first chapter sets the tone for the whole book. It doesn't preach about accessibility for the sake of people with disabilities but rather seeks to convince the reader that accessibility is in their interests.

Chapter 2 concentrates on one of the major reasons for making web sites accessible - laws that compel us to do so. It presents an overview of the state of the law in different parts of the world and a couple of examples of cases involving web usability. I have to admit I skimmed this chapter, as I wanted to get on to the technical stuff.

In Chapter 3, the book gets on to the mechanics of accessibility -- assistive technologies. It provides a short survey of the screen readers and other technologies that are available. I would have liked to have seen more information here on how widespread these systems are, even if just approximate.

Chapter 4 is where the book starts talking about the actual work involved in creating accessible content. It runs down the basics of accessibility (most of it is good practice such as using ALT text and so on). The blink tag even gets a mention and a "good for them!" is given to Opera for not supporting it :) This chapter will not be news to anyone who has done any accessibility work (or even just best-practices web development). The information on how tables are handled by screen readers is good though.

Chapter 5 looks in more detail at navigation. The advice here is good even outside of an accessibility context and there are some good points about 'gotchas' that could make sites difficult to navigate with assistive technologies.

In Chapter 6, input gets the same treatment that navigation got in the last chapter. I wasn't sure about the stuff on PDF forms (does anyone actually use these for web input?) but the advice on HTML forms was great.

Chapter 7 is about testing for section 508 (of the U.S. Rehabilitation Act) compliance. Initially, this was another chapter that I skimmed, as I am not based in the U.S., but then I realised that the testing advice in this chapter is not just useful for section 508 compliance -- it is useful for general accessibility testing.

Chapter 8 studies the accessibility of web development tools themselves. This doesn't apply to me but it was interesting to see how the tools (Dreamweaver, Frontpage, GoLive, Homesite and BBEdit) compare in terms of usability. This would have been a lot easier if there had been a summary table of the ratings given to the applications.

Chapter 9 seemed a little out of place. It is on "Separating Style from Presentation" and basically looks at CSS. I'm sure most people picking up this book will, like me, not need to be taught CSS basics. I skipped the chapter and very nearly missed an interesting little section on aural stylesheets.

I was surprised that chapter 10 was devoted to Flash, as I expected that Flash coverage in an accessibility book would be limited to a few paragraphs lambasting Macromedia for creating such an inaccessible technology. Well, it turns out that the new version of Flash supports accessibility much better than previous ones. This chapter was a real eye-opener for me. Clearly there is more work to be done but well done to Macromedia for putting accessibility support in!

Chapter 11 didn't really interest me much -- it seems to be more aimed at people who need to implement an accessibility strategy, one to hand over to managers once the technical content of the book is digested.

Chapter 12 is a bit of a heads-up on newer technologies and how they affect accessibility. There is some brief but decent discussion of how technologies such as SVG support accessibility.

The last actual chapter, Chapter 13, is a more in-depth look at U.S. web accessibility law. This was another one that I skimmed but one section did catch my eye. There is a discussion that raises the scary idea that web developers may be held liable for inaccessible web sites, even if their client told them to ignore the issue. If this is true, then it is an important point for every web developer to consider -- could you be held liable?

There are three appendices in the book; a quick reference guide summarises the most important advice given in the book, a glossary of terms and an appendix that details the U.S. Section 508 legislation.

Conclusion

Apart from the basic CSS coverage and the more U.S.-specific sections, I found the vast majority of the information in the book to be very interesting to me. The style was good too -- I was surprised that a book with 8 authors manages to maintain such a consistent and readable tone throughout.

Overall, I found the book a much more interesting read than I was expecting it to be. It gives specific advice about the way web sites should be constructed with accessibility in mind and offers strong arguments for following the advice.

It seems that accessibility is going to be a fact of life in web development. That being the case, every web developer needs to learn at least something about it, if only to use as ammunition in interviews. I would definitely recommend Constructing Accessible Websites as a good source of information on the area.

You can purchase Constructing Accessible Web Sites from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

David Kennedy writes "This is a review of Tom DeMarco's recent Broadway title, Slack, sub-titled Getting past burnout, busywork, and the myth of total efficiency." Relax, and read on below to find out how good a case DeMarco makes for keeping slack. Slack: Getting past burnout, busywork and the myth of total efficiency. author Tom DeMarco pages 220 publisher Broadway rating A reviewer David Kennedy ISBN 076790768X summary A highly entertaining, and informative survey of the state of the high-tech and software industries today, which suggests that companies have been taking exactly the wrong actions under pressure and further decreasing their ability to handle rapid change.

Summary: A highly entertaining, and informative survey of the state of the high-tech and software industries today, which suggests that companies have been taking exactly the wrong actions under pressure and further decreasing their ability to handle rapid change. The book is peppered with interesting asides and examples, but is always informed by the central thesis that companies need more Slack built back into their structures.

Check your sources. Tom DeMarco is an established industry management guru who has the respect of many of the technical community. He's written several previous titles, including the notable Peopleware and the collection, Why does software cost so much?. I'm not normally keen on any books in this genre, but have always found DeMarco's writing very readable and though-provoking -- most importantly for me, he has a habit of trying to find NUMBERS to back up any claims.

What's this book about? This is a 2001 title, and I find it slightly shocking that, in a maturing industry, we still need a book on this topic (from the blurb):

"To most companies, efficiency means profits and growth. But what if your 'efficient' company - the one with the reduced headcount and the 'stretch' goals -- is actually slowing down and losing money? What if your employees are burning out doing the work of two or more people, leaving them no time for planning, prioritizing, or even lunch? What if your super-efficient company is suddenly falling behind?"

So far we're just talking about the state of the modern software industry right? What's he proposing we do about it?
"[...] what you need is not more efficiency, but more slack. What is 'slack'? Slack is the degree of freedom in a company that allows it to change."

It seems a very simple concept to me, but then I'm an engineer, his writing is persuasive, and I have the benefit of 20-20 hindsight when reading. How can he get a 220 page book out of such a simple concept? After all, all we programmers know that your general purpose solutions always sacrifice speed for flexibility right?

What he discusses is a business model where you keep people, say, 70% busy. This leaves time for unexpected business, for reflection on why X takes so long and how to fix it, for self-training, for discussion about how things are done. These are all good things -- but the winner is that when people are stressed by sudden change or a deluge of new work, they have some slack to take in. Things change, you suffer a reduction in productivity, but hey, you had some slack to take in so the week's work is still getting done, you've just dropped that Ruby book for a week or two. You're swamped by a rush on finishing Product X before a competitors Product hits the market first -- just drop that tinkering with a novel memory pooling thingy you were considering slotting in to replace the adequate-but-inelegant solution in your product. I'm simplifying and reducing his argument here, but that's the idea. The other corollary to the 70% busyness level is that the system is responsive -- some nodes are 100%, some are 20%, but overall things are flowing. A system where most nodes are at 100% means some nodes are hanging waiting for other nodes to catch up -- total throughput drops. This'll make more sense reading his version ('underworked but responsive secretary' vs '100% busy, cannot help until Friday secretary'), but it's a good central topic -- simple, but not trivial.

220 pages isn't much -- he states that the book should be comfortable reading for a business trip -- and the bulk of the space is taken up by rationale for his suggestion, and discussion of the consequences. What I found valuable about the book was the description and subsequent debunking of several management techniques -- for example, he has a severe go at management-by-objective. I recognise it. I suspect you too will recognise it, and several other common variations.

Let's have a quick skim of the contents -- this isn't a technical book, more one massive opinion column, so the section titles aren't that useful, but I feel like I'm cheating if I don't do this in a review ...

• Slack
  Madmen in the halls, busyness vs business, the myth of fungible resources. This section sets up the case by setting out the assumptions, and describing what actually happened to most businesses when put under pressure in the last 10 years. I loved the word "fungible" too -- describes a resource that can be freely interchanged -- like paperclips are and software designers aren't.
• Lost, but making good time
  The cost of pressure, aggressive schedules, overtime, culture of fear, quality, management by objective. This is a meaty section and basically describes how the heck things got to be this way, what practices were adopted, and how they made things worse...
• Change and growth
  Vision, leadership, fear and safety, trust, what middle management is there for, change management. This section talks about change, specially why a lot of the measures adopted to prepare for it help make things worse, and how we should instead consider other approaches.
• Risk and risk management
  Working at breakneck speed, learning to live with risk. This seems like a short section from the contents, but it's reasonably long. There's less to discuss here for what we have is a 2-by-4 to head of businesses who refuse to plan for failure. A discussion then follows of the classic problem -- scheduling -- and why you'll never do a decent job of that without risk management. This is the only section where the tone is hectoring rather than persuasive -- or else that was my own frustration at the experiences I've had coming into play!

Target audience It's aimed at a particular segment according to the cover: "A handbook for managers, entrepreneurs, and CEOs." Well, I'm none of those, but I enjoyed it and found it useful. I'd prefer that my bosses were reading this than most of the other pap from the same shelf, but let's face it, change comes from all levels in the organisation, and if you can't spot mistakes being made within your team then you can't plan for your own career either. Read this book, it'll come in useful either when your managers start going awry and making you suffer, or it'll come in useful when you float up the org chart and have to start dealing with a team of your own.

What's good? Most of it. This is a highly entertaining read, and does present some genuinely useful ideas. It's also great as a collection of management anti-patterns. I think any career programmer in a medium-sized or above business would find this book interesting. Actually, come to that, anyone who enjoys Dilbert will enjoy this book.

What's bad? Not much. There were a couple of areas where I would have liked more case studies or evidence. As I said above, the recourse to surveys for the truth is something of a trademark of DeMarco -- he certainly references quite a lot of material in this book, but doesn't produce any solid evidence to back his ideas. Granted, probably hard to experiment on this scale!

You can purchase Slack from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

oxgoad writes "Need a closed-form algorithm to derive square roots? Stymied by strange and scary results from your favorite compiler's math library? Math Toolkit for Real-Time Programming by Jack W. Crenshaw attempts to shed some numerical light. Read on for the goods." Oxgoad's review continues below. Math Toolkit for Real-Time Programming author Jack W. Crenshaw pages 466 publisher CMP Books rating 8 reviewer oxgoad ISBN 1929629095 summary A casual discussion of algorithms ranging from abs to numerical calculus.

Who & What

Jack W. Crenshaw, Ph.D. (Physics) wrote his first computer program in 1956 for an IBM 650. He has been working with real-time software for embedded systems ever since -- contributing several years to NASA during the Mercury, Gemini, and Apollo programs. In addition to other activities, he is currently a contributing editor for Embedded Systems Programming magazine and author of the Programmer's Toolbox column.

In Math Toolkit for Real-Time Programming, his effort is focused on describing the pitfalls of vendor-provided math libraries and providing robust replacements. In section one he gives a thorough overview of constants and the various manners in which to declare them, naming conventions, and error handling. As the work progresses, in section two, he builds a library of proven algorithms ranging from square roots to trigonometrical functions to logarithms. Did you suffer through calculus in college with a barely passing grade? Section three will teach you more about numerical calculus in a half-hour than you may have learned in three semesters.

Kudos

Math Toolkit is written in an easy to understand anecdotal manner. You might be tempted to think that the author was animatedly relating the history of computing square roots while having lunch with you. This method works very well and keeps what could be a rather heavy subject from becoming too much of a burden. Most chapters have historical tidbits liberally sprinkled throughout.

Even if college algebra left you with post-traumatic stress disorder, you will not have any trouble with section two. Indeed, you may find yourself intently following the author on the trail of the perfect arctangent algorithm -- much as a sleuth on the trail of a villain.

The depth of knowledge shown, and its presentation, is exceptional. The author's years of experience are evident in his self-confident writing style. You will rarely see a clearer overview of numerical calculus. Quibbles

The cover of the book states: "Do big math on small machines." This, combined with the Real-Time Programming phrase in the title, might lead one to believe that the book's primary audience is intended to be the embedded microcontroller crowd. Sadly, not so. There is very little here for the die-hard assembler programmer other than some very handy integer square root and sine routines - and these examples are in C++. Based on the cover, I would have liked to see a greater emphasis on processors lacking a floating point unit. Also, some code examples in pseudo-assembler would have been welcome, as the author chose C++ as the language of choice for all examples.

Crimes

As is so often the case nowadays, there are various typographical errors scattered throughout. This seems to be an epidemic in current technical books. Fortunately, it didn't affect the readability of Math Toolkit.

Conclusions

I believe Math Toolkit for Real-Time Programming would be a great, perhaps mandatory, addition to the bookshelf of anyone that is involved in writing code that has a heavy math component. Other than the somewhat misleading cover, I cannot find anything truly negative to say about this work. Congratulations are in order to Mr. Crenshaw on a job well done.

The book also includes a CD-ROM of all example source code. In reality, to get the best benefit from the book, you should mostly ignore the CD-ROM and work through the examples. To quote the author: "Never trust a person who merely hands you an equation."

Table of Contents

1. Getting The Constants Right
2. A Few Easy Pieces
3. Dealing with Errors
4. Fundamental Functions
5. Getting the Sines Right
6. Arctangents: An Angle-Space Odyssey
7. Logging in the Answers
8. Numerical Calculus
9. Calculus by the Numbers
10. Putting Numerical Calculus to Work
11. The Runge-Kutta Method
12. Dynamic Simulation

• Appendix A: A C++ Tools Library

Disclosure

I received a review copy of this book from the publisher. Thus, my loyalties and opinions may be completely skewed. Caveat Lector.

You can purchase Math Toolkit for Real-Time Programming from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Nice2Cats writes "Python is something of a programmer's dream and an author's nightmare. What started life as a scripting tool for the Amoeba operating system has matured into a full-blown programming language with such speed that every book seems to be outdated in a year or two. To make matters worse for publishers, the crew around Python's creator Guido van Rossum keeps adding higher-level constructs such as iterators with every new release, reducing reams of code to single-line idioms at half-year intervals. Because not everybody has been able to keep up -- RedHat 7.3 infamously still ships with version 1.5.2 as the default, while SuSE 8.0 is hanging in there with version 2.2 -- authors are forced to cover stone age variants as well as modern forms. Python is cross-platform (Unix/Linux, Mac, Microsoft), has two underlying languages (C for Python, Java for Jython) and works with various GUIs (Tkinter, wxWindows, Qt, GTK, curses, Swing). Given this breadth of material, the idea of writing that most fragmented form of a programming book, a 'Cookbook,' seems as crazy as, say, nailing a dead parrot to its perch." Read Nice2Cats's review below of The Python Cookbook to see how well O'Reilly deals with dead parrots. The Python Cookbook author Alex Martelli and David Ascher pages 574 publisher O'Reilly rating 8 reviewer Nice2Cats ISBN 0596001673 summary A recommended book for the language with no Slashdot icon.

Beautiful plumage. O'Reilly, fortunately, has all kinds of experience with animals.

The Python Cookbook consists of seventeen chapters that contain between eight and twenty-six individual recipes. Chapters and recipes are roughly ordered by increasing complexity, length, and required background knowledge, starting with the simple "Swapping Values Without Using a Temporary Variable" and ending with the complete module "Parsing a String into a Date/Time Object Portably." The chapters are mostly organized by subject -- "Text," "Files," "Object-Orientated Programming," "User Interfaces" -- but also include "Python Shortcuts" and "System Administration." The background required varies: Whereas the chapter on "Text" starts off with Fred L. Drake reviewing the most basic string operations such as slicing and concatenation, Paul F. Dubois can only sketch the core concepts of lexing and parsing in "Programs About Programs."

This of course is a hallmark of all cookbooks, programming- or food-wise: Nobody will like everything, but everybody will like something. The worst fragmentation occurs, as expected, between examples of Python 1.5.2 and Python 2.2. Most recipes give preference to one version, and then point out how the problem could have been solved in the other version. This is more useful than the code that was written for all versions, because it gives a deeper insight into the changes that Python has gone through. The result is that after a few chapters, you start wondering why anybody in their right mind would keep using Python 1.5.2 instead of 2.2.* with its iterators, list comprehensions, new classes, and expanded module library.

Martelli and Ascher have done a good job balancing the different forms. Only one chapter struck me as lopsided: "System Administration", where ten of the sixteen recipes are Windows-only. Even though there is a good reason for this -- Microsoft's native administration tools just aren't like those provided with Unix -- the editors might want to rethink the selection of recipes in this chapter for future editions.

Generally helpful. The "Python Cookbook" has helped me in three ways. First, I found quite a lot of the examples themselves, especially those in the chapters "Python Shortcuts" and "Object-Orientated Programming" useful for everyday work. Second, reading more than 500 pages of peer-reviewed and well-commented code gave me a greater feeling for common idioms and constructs that are rare in this clarity in wild-type code. However, the book is strongest when more general principles of "Pythonic" programming are discussed, for example when Martelli demonstrates the merits of the "Look Before You Leap," "Easier to Ask Forgiveness than Permission," and "Homogenize Different Cases" methods.

My favorite recipe is Sebastien Keim's "Implementing a Ring Buffer," where an object carries a class deep in its bowels, and changes into this class in a rather cool Dr.-Jekyll-to-Mr.-Hyde transformation on the fly. The one recipe I found downright evil was "Sending HTML Mail," which should have been implemented as "Turning HTML Mail into Plain Text" with a note on how people who send HTML mail are going to be the first against the wall when the revolution comes. The best quote in the book comes from Tim Peters: "We read Knuth so you don't have to" -- Python's promise of programming power for the people, expressed in (dare I say it) a nutshell.

Conclusion:

I can recommend the "Python Cookbook" wholeheartedly to anyone who has passed into the advanced stage of language learning and is willing to actually sit down and work through the code. Anybody who is looking for a deeper understanding of Python, solutions to common coding problems, or starting points for their own projects will also profit. This book should have RedHat customers hammering at the gates of Raleigh, demanding the power of iterators and list comprehensions that their SuSE counterparts already enjoy by default; it demonstrates the superiority of Python 2.2.* over 1.5.2 in great detail.

Because of this, however, my guess is that 2.2.* will quickly replace 1.5.2, turning large parts of this book into historical footnotes in two years at the latest. This is no fault of O'Reilly's, but rather a current fact of Python life. The editors have done a good job of nailing the parrot, and until this Pythonic Norwegian Blue does the inevitable backflip, it should give its owner much pleasure.

You can purchase The Python Cookbook from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

genehack writes "Long-time weblogger Rebecca Blood's The Weblog Handbook: Practical Advice on Creating and Maintaining Your Blog is an excellent introduction to the currently white-hot world of weblogs. Blood covers all the bases, from a history of the weblog form, through starting a blog of your own, and finally onto finding (and retaining) readers for your site. The book doesn't offer as much for the veteran blogger, but even the bloggeratti won't go away completely empty-handed -- Blood's weblog history provides a valuable common vocabulary for debating what is and isn't a weblog, and her discussion of weblog ethics should be required reading for anybody who claims to be serious about their weblogging." Genehack's review continues below. The Weblog Handbook: Practical Advice on Creating and Maintaining Your Blog author Rebecca Blood pages 195 publisher Perseus Publishing rating 9/10 reviewer genehack ISBN 073820756X summary great introduction to world of blogging, which also offers valuable info for the experienced blogger

Blood begins the book in the obvious place, with a discussion of the history of the weblog format, and a functional definition of what a weblog is (and isn't). One issue with the word "weblog" as it is currently used is that it means little more than "website with time-stamped entries arranged in reverse chronological order". Blood attempts to expand on that definition by pointing out that the other thing weblogs have in common, in addition to chronological formatting convention, is "the primacy of the link":

"It is the link that gives weblogs their credibility by creating a transparency that is impossible in any other medium. It is the link that creates the community in which weblogs exist. It is the link the distinguishes the weblog -- or any other piece of online writing -- from old-media writing that has merely been transplanted to the Web."

One of my primary objections to this section of the book was the contradiction between the above position and Blood's inclusion, earlier in the same chapter, of "blog"- and "notebook"-style sites under the weblogs banner. "Blog"-style sites, in the book's taxonomy, are the nano-journals that showed up in the wake of easy-to-use tools like Pitas and Blogger. These web-based weblogging applications made it easy to let the world know when you were getting up from your desk to go pee -- and thousands of people jumped at the chance to do just that. "Notebook"-style web sites, on the other hand, are characterized by longer chunks of content; they tend to resemble essay collections more than anything else. Both types of sites are markedly different in content and authorial intent from the traditional "filter" style weblogs -- collections of links, annotated with short (or sometimes not so short) descriptions, reviews, or reactions.

Indeed, the former two styles of sites seem to be to be fundamentally different than the latter style, primarily in the extent to which they're inwardly versus externally focused. "Filter" weblogs link almost exclusively to other sites, and they link heavily -- usually averaging at least one link per entry, if not more. "Blogs" and "notebooks", on the other hand, have a much lower frequency of external linking, and are much more self-referential and insular than "filter" style sites. The three sorts of sites share similar formats and are produced with similar tools, but I would argue that referring to all of them as "weblogs" makes the word so generic as to render it useless as a description.

My quibbles over these taxonomic issues aside, The Weblog Handbook's introduction and definition of the "blog", "notebook", and "filter" terms to refer to the various sorts of sites that are collectively known as "weblogs" is a valuable contribution. Hopefully these words will be adopted by other writers in subsequent discussions of weblog history and form.

Blood moves on from the initial historical overview to a discussion of why someone would want to take the time and make the effort to start and maintain a weblog. She covers all the main bases: improving writing skills, improving thinking skills, and networking for personal or business reasons. This chapter might help you think of some new way to leverage your weblog to your advantage, but otherwise it struck me as somewhat redundant -- presumably, if you're interested enough to undertake reading a 200 page book about weblogs, you're interested enough to try running one for a week or a month and see what benefits you get from the exercise.

The next pair of chapters cover setting up a weblog. The target here is the new blogger, and depending on your level of technical sophistication, you might find the coverage a bit simplistic. Nevertheless, these chapters contain sound advice about choosing tools, about some of the conventions of the weblog community (permalinks, archives, sidebars), and about the all-important step of choosing a name for your weblog. After covering set-up, Blood dives into the business of actual creation: how to start writing weblog entries, and how to get better at it over time.

Blood also covers strategies for attracting and retaining readers, tempering those tips with the sage advice that webloggers that are constantly striving to get more readers will never be happy with the reader population that they currently have. This is one of the more critical points that the book has to make, in my opinion, and Blood does a good job of driving home the notion that there are better (and easier) ways of becoming famous than starting a weblog.

The sixth chapter, covering weblog community, ethics, and etiquette, is one of the book's most important. New bloggers that read this section will learn how to avoid offending established webloggers while they are starting out in the community. Bloggers that heed Blood's rules for ethical weblogging may even avoid getting sued for libel. Additionally, Blood deserves further kudos for making this section of the book freely available on her website.

Blood rounds out the book with some miscellaneous advice about maintaining a regular update schedule for your weblog, the wisdom of keeping some modicum of privacy for your off-line life, and the issues over making an email address publicly available -- opening yourself up not only to contact with your readers, but also with every spammer in the universe. None of the material in this chapter will be novel for the experienced web surfer, but Blood's thoughtful treatment is a good introduction for the neophytes that are still out there.

The book finishes up with a trio of appendices. The first covers an actual session with a particular weblog application; the second contains some practical Elements of Style-style advice on creating "linktext" -- the actual words inside a hypertext anchor; and the third offers information on the mechanics of running a weblog -- selecting a web hosting provider, buying a domain, analyzing log files, and so on.

The Weblog Handbook is a well-written, well-rounded, thoughtful introduction to the art and practice of maintaining a weblog. The author, Rebecca Blood, has taken her years of experience gained maintaining her own weblog, boiled it down into concise nuggets of information and advice, and then presented it with a vigor and enthusiasm which clearly reflects her love for the weblog form. Recommended for novice and old-school webloggers alike.

You can purchase The Weblog Handbook from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

If you have fond memories of happily donating quarters to the Konami corporation for hours on end, or thinking how cool the Dragon's Lair graphics were, or better yet can remember when Pong was hip, you may enjoy Alex McLintock's review below of High Score: An Illustrated History of Electronic Games. Update: 10/04 16:17 GMT by T : Yes, this is the same High Score that Jon Katz reviewed a few months ago. High Score: an Illustrated History of Electronic Games author Rusel Demaria, Johnny L Wilson pages 328 publisher McGraw Hill rating 8 reviewer Alex McLintock ISBN 0072224282 summary Words and pictures about sprites and beeps; traces three decades of video game development.

This book is fascinating for anyone around my age (thirty something) who remembers Atari Video Console Systems, Apple ][, and the space invader tables where you sat two people down.

Many people have flicked through my copy of this book and taken trips down memory lane. Almost anyone who has played computer games will find something in here that they remember. The book is a large paperback full of glossy pictures of screenshots, game packaging, and celebrities from the world of computer games. I can't really fault it on production values (though I did spot one photo of an Apple which they printed the wrong way round).

The organisation of this book leaves something to be desired. You would have thought that as a "History" book it might be organised in chronological order, but not really. It has sections on the 70s, 80s, and 90s but within those sections there is only a token effort to write things in order. Thankfully the index saves the day.

The first section ("Before the Beginning") looks at the pre-cursors to computer games such as pinball, and analogue electronic games. These are as fascinating as the computer based games. We learn that "Sega" stands for "Service Games" and "Nintendo" means "Leave Luck to Heaven". The article on "SpaceWar" (probably the first graphical computer game) was fascinating. It ran on a PDP 11 costing 120000 US dollars.

The section on the seventies is (you will forgive me) before my time. The book tells us about "Pong", the early days of Atari, but I don't think I played on any of those machines.

The section on the eighties is where I really start saying "Oh I remember playing that". Missile Command, Defender, Pac-Man and so on. This is the first section where we can't just list everything in date order. The authors have decided to switch between writing about a particular year, writing about different computer games systems and finally writing about different games companies.

It has a couple of pages on Infocom who did the most famous Hitchhikers Guide to the Galaxy Adventure Game including a photo of Douglas Adams (the author) and Steve Meretzky who programmed most of the game. This game almost convinced me to create interactive fiction as a career.

As another example I played Br0derbund's "Lode Runner" on a schoolfriend's Apple ][e. The authors suggest that this might have been the first game that allowed you to create your own levels. That ability found in Lode Runner and David's Midnight Magic was exactly the sort of thing that got me into writing computer programs rather than just playing games.

What it doesn't have is any mention of British companies like Sinclair, BBC/Acorn, or Amstrad. I was shocked to find that "Elite" wasn't mentioned at all in the index. This is a diabolical let down. Sure these companies didn't sell very well in the United States, but they did play an important part in most Brit's growing up. You Americans might not care that much, but I'm reading this book because it is being published in Britain... No where on the cover does it say Illustrated History of Electronic Games played by Americans.

I suppose it does open up the opportunity to some quick thinking British journalist to write an "Illustrated History of British Electronic Games" as a companion piece to this book.

Another snapshot from my youth.... Page 155, Sir-Tech's game Wizardry had a "faux 3D maze". I liked this effect so much that I learned how to program the same effect into my Acorn Electron computer. And some 18 years later I'm still cutting code.

There are real gems hidden away in here. For instance I never knew there was a game based upon the sixties tv series "The Prisoner". I know a lot of Prisoner fans who would love to be able to play that one... And "Wing Commander" which I played for hours on end on my college science fiction society's PC. It was the summer holidays and I didn't have anything better to do....

The Nineties: Maybe I had played myself out, but with a computer degree, and a job I don't think that I played all that many games in the nineties. Sure - it is interesting to read about the SimCity related games. Of course we have a few pages dedicated to id Software, Doom, Quake, and the related games. I've just realised what went wrong. I get motion sickness playing Doom (and all subsequent first person shot-em-ups) I remember playing Doom during my lunch hour at work and then feeling sick for the next hour whilst I tried to recover.

The Playstation, Eidos / Lara Croft, Lemmings, all get a look in, and we finish with Online Gaming, Playstation 2, Gamecube, and XBox.

The verdict -- a great book for delving in and remembering the good old days and a great present for game-playing boyfriends too.

Alex McLintock is the editor of DiverseBooks.com. You can purchase High Score from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Spencerian writes "I've become quite accustomed the depth of co-author Dave Taylor's writing on UNIX in previous books such as Teach Yourself UNIX in 24 Hours . As you can note from Dave's recent writing credits, his experience and knowledge of UNIX is vast and varied. That said, I was mildly disappointed with this latest offering that discusses the UNIX underpinnings of Mac OS X." Spencerian explains the logic underlying that conclusion in his complete review, below. Learning UNIX for Mac OS X author Dave Taylor & Jerry Peek pages 139 publisher O'Reilly and Associates, Inc. rating 7.5 reviewer Spencerian ISBN 0596003420 summary A good first-reference for new UNIX users, but steer clear if you're a UNIX vet.

For starters, I was annoyed to find that the book's title implied a larger format than the 139 pages it comprises. The book has an audience problem because of its size. UNIX guys like thick books. Is this book mostly for newbies to OS X, to UNIX, or to Mac OS X's implementation of UNIX? Despite this targeting problem, the book's contents are still useful, but I think its audience is more geared to new UNIX users. The book just doesn't have much depth for even a reference title, especially for a topic such as UNIX, and particularly for a new, little-documented UNIX family operating system such as OS X.

While Mac OS X is a BSD variant, it has a few idiosyncrasies that may throw off a veteran UNIX user, and this book manages to address most, if not all of these notable problems. For instance, Dave notes problems in sendmail that prevent it from working from the command line in Mac OS X's Terminal application, and presents a fix for the problem. If you use command lines in UNIX all the time, the book does present good instructions on getting Lynx, IRC, newsgroups, pine, and the like up and running in Terminal. The book shies away (quite appropriately) from any graphic interface items unless required, such as when changing Terminal's preferences.

This book was very recently published (May 2002) but already has fallen behind with the release of Mac OS X 10.2 (Jaguar). Some components of Jaguar, such as CUPS support for stronger printing options, are completely missing from this book. If you have Jaguar installed on your computer, don't dive headlong into the NetInfo Manager steps for LPR printer configuration. Books typically don't age this fast, but in the case of this book, small changes seem to mean a lot to this title's usefulness -- the introduction of CUPS may have made Chapter 5's contents almost irrelevant.

Another small nag involves the lack of information on useful commands for Mac OS X users that weren't available (or were difficult to find) with the old Mac OS 9. One such command, cron, makes my life easier for handling some tasks on my home computer. It's not even mentioned in this book, nor will you find much information on shell scripting or compiling UNIX code you might happen to find. I guess I'm most annoyed at the lack of compile information since the Apple Developer Connection marked this book as a Recommended Title.

Despite our fondness for (and tolerance of the slightly-higher prices of) Macintosh computers, Mac users aren't made of money and don't like to buy a bookstore's worth of tomes for basic information. It would have made a lot of sense to talk more about compiling software since Apple's software or other GUI products don't meet or can configure all UNIX needs. And I won't even talk about the lack of coverage about XDarwin, an application that starts XFree86 within a Mac OS X installation, allowing X Window applications to run atop or in tandem with the OS X interface. XDarwin has become popular enough for it to become part of the stable XFree86 distribution. Given that not every UNIX user is a command-line freak, this is a pretty critical omission in my mind.

So, who should buy this book?

If you are completely new to UNIX and have been a gooey-kiddie who's used almost nothing except Mac OS 9, this is a very good reference to get your toes moist with UNIX. However, as drug dealers say, "the first taste is free." This book will leave you wanting more detailed information. More experienced UNIX users can probably find out what they need about Mac OS X's command line from a few free locations such as Mac OS X Hints.

One last thing: A pox upon Tim O'Reilly for not using the platypus for the animal on the book's cover. Given that the open-source core operating system of Mac OS X is named Darwin and has a nicely-modified take-off on the BSD mascot that depicts both the name of the OS and its BSD origins, I would think that O'Reilly would have jumped on this obvious cover.

You can purchase Learning UNIX for Mac OS X from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

zenomorph writes: "I first heard of this book on amazon.com on a Monday morning, and read the reviews of people who had purchased this book. I noticed that there were no reviews from any person in the web security community had commented on it, either on Amazon or anywhere else (with the exception of two brief comments on the back of the book, of which one was written by the person who wrote the book's foreword). So I decided to pick it up on Friday after I left work and see what it had to offer. After picking up the book I noticed it was co-authored by three people who all work for Foundstone, a very large security company that deals with everything (including web security). This review will cover some of the topics covered in this book, along with things that could or should have been covered in greater detail." Read on for the rest of zenomorph's review. Web Hacking: Attacks and defense author Stuart McClure, Saumil Shah, and Shreeraj Sha pages 492 publisher Addison-Wesley rating 8 reviewer zenomorph ISBN 0201761769 summary Web Application Hacking

Target audience: This book is geared more towards beginners and intermediate users, with a few things the more advanced people will enjoy. It explains concepts and practical examples in an easy to understand manner. Pros:

One portion of the book covered a topic which is rarely mentioned and almost never documented in security texts, which is ASP (Active Server Pages). This primarily covered security involving databases handling and login information. Another rarely documented subject this book covered was ISAPI application security. Additional good points below:

• Good examples of the types of commands an attacker will execute when remote command execution is possible. Also had a nice little attack fingerprint reference in the back. (Appendix D Page 462)

• General Tips and tricks for fingerprinting a web server, and database versions. (pages 182-194) Provides this information based on error messages and URL structure.

• Chapter 12 covers remote command execution threats with Java and Java servers. Definably a book highlight. Not too much documentation currently exists on this ever-growing web technology.

• Chapter 14 covers buffer overflows in a very easy to understand manner; something not easily accomplished for the less tech-savvy. It also walks through a complete example of bad code, to writing and executing the exploit.
• One nice section is the "Cheat Sheet" towards the back of the book which provides the most common improperly used functions in ASP, PHP, Java, and Perl. I did notice it left out the ever popular fopen() function in PHP, which is very popular for attackers to exploit when improperly used (Code inclusion attacks).

• Shows good practical examples of attackers using search engines to help further probe a site.

• Covers SQL and Oracle security. (Direct, and Injection based attacks)

• Web Application server security was covered with examples on BEA Weblogic, and Websphere.

• Provides good examples of using tools such as Netcat, Sam Spade, Teleport Pro, Black Widow, Webcracker, Brutus, Achilles, Cookie Pal, etc.

• Coveres the threats of Internet worms,including the effect on the Internet of Nimda, and Code Red. Gave details of what exactly they did, and how they could spread.

• Chapter 17 is a treat. Covers how attackers avoid IDS systems through the use of SSL, and URL encoding (such as Unicode, 2-byte, 3-Byte, and double encoding.) Also covers how to set up an IDS on SSL via reverse proxies.

Cons: This book was released in August of 2002, but I couldn't find any reference to cross-site scripting. Cross-site scripting isn't a new type of attack. In fact, it has been around since the late 1990's. More gripes below:

• The authors have a tendency to include snippets from IRC conversations. While it's explaining how hackers communicate during attacks I found it a little lame. I'd rather they had mentioned some "hacker" channels, or something along those lines.

• Neither cookie theft nor poisoning is mentioned, while cookie modification is.

• I went to the back of the book hoping to gather some good references for further reading and only got a small links section showing 6 links, none of which where technical documents but instead general web links.

• Web application abuse and spamming aren't covered at all, which is something very important and an ever-growing option for spammers.

• No references to XML-RPC or SOAP were found but the athors do briefly mention Microsoft's .NET technology without providing any code examples.

• Lack of web application wrappers and security. CGIWrap and Suexec aren't mentioned anywhere. Nothing about chrooting webservers, or applications for additional security were found.

• Apache's "Tomcat" server isn't mentioned anywhere, with the exception of an exploit mentioned in Appendix D. (Source Code, File, and Directory Disclosure Cheat sheet)

• Not a big complaint but it would have been nice if Python or TCL were covered.

Closing:

On a scale of one to ten I give this book an eight. This review was written to give you an idea of the contents, or lack thereof. Perhaps this will help you to decide if this book is what you're looking for, or a waste of time.

You can purchase Web Hacking: Attacks and Defense from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

David Kennedy writes: "This is a review of Brett McLaughlin's new O'Reilly title, Building Java Enterprise Applications. Volume 1: Architecture, subtitled Designing with EJBs, Databases, and Directory Servers." Read David's in-depth review, below. Building Java Enterprise Applications, Volume I: Architecture author Brett McLaughlin pages 300 publisher O'Reilly rating 9 reviewer David Kennedy ISBN 0596001231 summary Practical guide, with examples, for building a J2EE application from scratch.

Summary: Building Java Enterprise Applications is an excellent book, and ought to be on the bookshelf of every J2EE programmer working on the mid- and back-tier. If you are like me, then you then have a series of books on various parts of the J2EE alphabet soup -- a few on EJB/JNDIs, one on JMS, one on RMI, one on JDBC, a database/SQL primer, a J2EE patterns book (I recommend Depur et al. by the way), maybe even some hyped-up case studies from Sun's press etc -- but nothing on how to design an entire J2EE application from scratch. There is nothing scarier than a blank piece of paper at the beginning of a project -- this book provides a combination of a tutorial and worked example, along with an insight into the thought processes of the designer.

There are not enough books of this type for the J2EE platform; the emphasis on tying together disparate technologies to build a coherent system is exactly what I need at this stage of my career, and I found the author's constant revisions and tweaking of his design fascinating and reassuring. I'm going to pre-order Vols. II and III.

Check your sources.

You might recognise the author's name -- Brett McLaughlin is the author of another O'Reilly title, Java & XML*, and writes for flashline.com, IBM Developer Works, JavaWorld and others. You can either Google for these or visit the web-site newInstance. In my opinion he knows his onions, is aware of what other root vegetables are out there, and, most important, he can communicate well.

What's the book about? I'll give you a bit of the blurb first, as it's a fair description of the material:

"Java has many enterprise APIs: JNDI, EJB, JMS, JAXP, and the other XML APIs, JDBC and more. But how do you as a developer put the pieces together and build something that works? How do these components integrate with back-end servers (databases and directories) and with front-end platforms (web servers and web services)?"

"[This] is Volume I of that series; it covers the business logic and back-end of an enterprise system, including entity EJBs, JDBC, JNDI (...), and JMS. Volume II will discuss architectures for web applications; Volume III will venture into the still-uncharted territory of web services."

That's quite an ambitious series; and something of a departure in style for O'Reilly, who have built their enviable reputation by providing definitive titles on one technology at a time. This more a book on when to use a tool, and which tool to use, rather than how to use a tool. I think it's good to see O'Reilly branching out in this way, but it brings them into the preserve of other publishers. It might be interesting to see how this new type of title does.

So what is covered in detail? Let's have a detailed look at the contents:

1. Introduction
2. Blueprints
   This chapter outlines the case study that the author uses for the remainder of the book. This takes the form of a simple, but not trivial, financial-services tool. The blueprints are high-level sketches of the business need, the Data Layer, the Business Layer, and the Presentation Layer.
3. Foundation
   This covers designing the data stores, databases and directory servers.
4. Entity Basics
   Basic design patterns, coding and deploying beans.
5. Advanced Entities
   IDs and CMP, data modeling and the nasty details.
6. Managers
   Managers, in the facade sense, for entity beans and the LDAP directory.
7. Completing the data layer
   Nasty details, populating the data store.
8. Business Logic
   The facade pattern and stateful/stateless design.
9. Messaging and packaging
   JMS on the client and server. Packaging.
10. Beyond flexibility
    The wrap-up chapter, covers the major design points, discusses adapting the material to your own projects, and hints and what presentation layers may be added as a teaser for Vols. II and III.

As you can see there are no surprises in the contents. Once the high-level problem and solution is laid out, there's just a sensible progression through the layers. I particularly liked the practice of stopping and reviewing at regular checkpoints -- it helped tie the material together and emphasize the layering in the design.

There are some detailed appendices giving vendor specific instructions for databases, containers etc. This section also contains all the non-unique code for each layer, e.g., all the entity beans that weren't discussed in detail.

• SQL Scripts
  Cloudscape, InstantDB, MySQL, Oracle, PostgreSQL.
• SQL Deployment
  Ditto.
• Directory server setup
  iPlanet, OpenLDAP.
• Application server setup
  BEA Weblogic only.
• Supplemental code listings
  All code also available in completed final form on the associated web-site.

Sounds wordy... It's not. This is a short book, only about 300 pages including appendices and index. (Compare that to something like Roman's classic EJB book ...) Chapter content is only 200 pages. Fully a third of the content of the book is code; this is definitely one for the programmer, those of you who delight in detailed breakdowns of requirements, user stories, schedules, etc will find little or nothing of interest here.

Equally, there is little in the way of explicit (non-coding) high-level design discussion -- all the code is evolved directly from the well-written text. This is not a bad thing at all -- the design seems sensible and straightforward, always a good sign, and mostly presents an admirable example to any young programmers watching.

All this doesn't mean you are reading a listing though. As on any project involving EJBs, there is a lot of more-of-the-same code between beans -- most of this code is concentrated in the appendices, and only the material under discussion is presented. New code is always presented in full, from package declaration to closing brace. This is refreshing and permits you to actually get something working as you read through the text, although you'll need to be prepared to set up app servers, databases etc to get maximum benefit.

Target audience? Experienced Java programmers who have started using the J2EE platform and are fairly comfortable with all the bean types, JMS, JNDI etc. This book states several times that it is not a primer on any one technology, and provides ample references to more detailed texts when appropriate.

This is very much a book for a wannabe J2EE developer who can't quite figure out how to fit the pieces together, or, like me, just has a gap in his/her skillset when it comes, to, say, LDAP.

What's good? Lots of it. Mainly, the best thing is the clear presentation of a LOT of code via a well partitioned example application (which will also be re-used in Vols II and III). The code is of good quality too, and presents several idioms that while obvious now, were unknown to me when I started EJB work... with the usual reworking-over-a-weekend later on. In particular, there are some commonsense pieces of code -- like a nested exception class for those of us still using pre-1.4 (and remember, you're tied to what your app server supports), some simple session and entity bean Adapter classes, simple Value Object classes etc. As I said, nothing earth-shatteringly novel, but it's nice to see a lot of these idioms used together to simplify the code.

Another admirable thing about the book is the handling of the detail. I've read several books which follow the practice of putting in Gotcha! box-outs, and to be honest, few of them are that useful unless you are a novice. I'm been programming for a few years now, and was amazed at the silly difficulties I've had with my first EJB project -- as a result I'm pleased to say that the box-outs indicating problem areas sound like the voice of bitter experience. For example, there is discussion on following the correct style for accessors/mutators under CMP (getId works, getID cheerfully fails), advice on the very fixed order in the deployment descriptor XML, problems with case-sensitive searches in JNDI, etc. Those of you who've worked with, particularly, EJB1.0/1.1, will undoubtedly have groaned as you realised the problem de jour was something simple-but-outside-your-code like those examples.

Admittedly it's not my area really, but I also found the whole treatment of directory servers very clear and useful. For the first time I understood (a) how they work (b) when they complement databases (c) how to use them easily from my code. Again, I admire the level of detail achieved without being confusing -- I don't see many introductory books include things like the default port number for directory servers using SSL (636 - well, I didn't know that!).

What's bad?

Not much. By nature of the book it doesn't go into huge detail on all technologies used -- there were a few areas where I wanted more. In particular I would have liked to have seen more on testing; now that XP is pretty much mainstream, no one can deny that unit testing is vital on production projects. (When I started using EJBs I had to kludge together a nasty version of JUnit which fitted into the sub-optimal build and client-server framework we were using. I've since found that there are better ways to test EJB layers, but I can still only think of one book, by Richard Hightower, which walks you through examples.) Although the build files in the example use Ant, which makes JUnit and other tools very easy to integrate, there is no mention of unit testing. This is a pity.

The only other things that caught my eye were minor -- coding style in particular. The coding style in the book is very straightforward and Sun-standard, but I have to admit that I'd have liked more JavaDoc'ed code. The code on the website is much more fully commented. I understand that printing this means more paper, and thus a thicker and more expensive book, but on some of the custom methods it would have clarified things for me.

In particular, and I'm being picky here, I didn't find that the authors practice on handling nulls and errors fitted with my own -- admittedly I don't so much practice "defensive coding" as "paranoid coding." Most methods were not null safe, and that can be a nightmare to debug in an n-tier system. Also, he took the line of returning null to indicate failure or error. I understand it's a valid design decision -- my experience says to go with more explicit errors in a larger project, and I would have liked a page or two on the choices here.

Another area where I feel there is room for improvement in the presented style is in the use of hard-coded Strings for lookups - for example, in the AccountManager object there are several lookups of the AccountHome, e.g.:

    AccountHome accountHome = (AccountHome)context.lookup(

        "java:conp/env/ejb/AccountHome";  // Whoops, finding this can be tough!

From experience code reviewing EJB based projects, it's going to save a lot of pain looking for typos if this repeated hard-coded String is (a) extracted as a constant so it can only be mistyped in one place and (b) refactored into a lookup method. It's a fairly minor point, but useful to do right from the start on an EJB project and worth pointing out to someone starting their first one. (Mis-typed meta-data like this is a bit of a weakness in the J2EE framework in my opinion - I always feel that I'd save a lot of time if the compiler or some J2EE aware verifier could check over those Strings to see if they match anything else in the build... I've used vendor tools which claimed to do so, but as they didn't even check that methods/lookup names were in the bean source I wasn't sure what was being verified!)

One last thing: I know it's minor, but why the insistence on importing explicitly? I feel it makes maintenance more difficult -- change one LinkedList to an ArrayList and you're off fiddly with minor imports again. I also didn't find this:

import javax.jms.JMSException;
import javax.jms.Message;
import javax.jms.MessageListener;
import javax.jms.ObjectMessage;
import javax.jms.Session;
import javax.jms.TextMessage;
import javax.jms.Topic;
import javax.jms.TopicConnection;
import javax.jms.TopicConnectionFactory;
import javax.jms.TopicSession;
import javax.jms.TopicSubscriber;

as appropriate for a printed book as this:

import javax.jms.*;

It would have been nice to trade those 10 lines wasted for some custom JavaDoc. However, all told there is remarkably little to grumble about in this book -- I couldn't even spot the obligatory editorial mistake. (That really annoyed me.)

Alternate titles?

Can't think of a good one. (Either a sign that this book is one you might want to look at or else so completely specialised as to be of use to only one person in the world, and that person is probably the author. Luckily, I think it's the former in this case.)

It is however worth a trip to the bookstore for companion, as opposed to alternate, titles before reading this - it assumes detailed knowledge of several J2EE areas, but provides suggested (O'Reilly) titles for reference.

Sounds good -- but what do you know anyway?

Time for the disclaimers. Some material in the book I found useful because I lack experience -- in particular, some database and LDAP stuff.

However, 5 years of getting paid to play^H^H^H^Hcode, and a personal reference library of some 120+ books has made it easier to spot the rare decent title! Most of my J2EE books are from my experience of EJBs for the last year or two, so I know what mistakes are easy to make, as I've made 'em. [I'm actually catching up on my reading, and hence reviewing, due to the Great Telecomms Downturn finally affecting me - anyone want a J2EE developer? :-) ] Finally, I paid for this book (which isn't the case for some of my other reviews).

You can purchase Building Java Enterprise Applications, Volume I from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

(* Bonus mini-review: a useful book, but not easy reading, I found it hard to slog through, but managed my first XLST work in about 10 minutes using it.)

Are Flagan writes with the review below of Hacker Culture. Flagan says this book "truly marks the entry of the 'hacker' into the realm of academia" -- a point which has both good and bad consequences. Read on to see if you might enjoy Hacker Culture as much as Flagan did. Hacker Culture author Douglas Thomas pages 266 publisher University of Minnesota Press rating 10(ish) reviewer Are Flagan ISBN 0816633452 summary A new critical history of hacker culture

Let me first recapitulate two brief preludes that figure prominently in Hacker Culture:

1. Around 1970 John Draper discovered that a freebie whistle included with Captain Crunch cereal sounded a tone that allowed him, as a literal whistle-blower, to take control of the phone line. Sounding the frequency of 2600 Hz, the high-pitched toy quickly sprouted a cottage industry of small electronic devices called "blue boxes" (first built by Draper) that emitted the commanding tune. Shortly thereafter, in 1971, Steven Jobs and Steven Wozniak built hordes of the boxes and sold them to students in the Berkeley dorms. Jobs and Wozniak would go on to build and found Apple computers by employing the same principle: take existing knowledge and turn it to profit by, eventually, making appropriation proprietary. (Slashdot readers are no doubt familiar with the fact that Mac OS X is not much more than an "aqualicious" -- and expensive -- wrap of FreeBSD.)

2. The first personal computer was arguably the Altair. It came as a raw DIY kit that required soldering for assembly and programming to make it work. An early success in coding came in the form of Altair BASIC, a programming language adopted from mainframe systems by Paul Allen and Bill Gates. Unlike other hobbyists who shared their exploits freely, Allen and Gates decided to charge for their adaptation, but were quickly thwarted in their race to the goldmine by the sharing of software at computer clubs, an action that prompted Gates to call fellow developers thieves. For these hobbyists, the notion that programs could be secret and had to be purchased violated the tradition of programming as an ongoing collaboration. The births of our two major personal computing platforms, Mac and PC, consequently both stem from significant changes in the relations between openness and secrecy, sharing and ownership.

In Hacker Culture, Douglas Thomas provides a rewarding account of what preceded and followed these developments, charting the evolution of cracking and hacking from early yet seasoned programmers, generally found at Ivy League departments or under ARPA jurisdiction, to the demonized teenage villains of the 1990s. Although the term "hacking" has become somewhat of an umbrella misnomer to cover diverse behaviors bridging half a century, Thomas does it remarkable justice through, as he puts it, "an effort to understand hacking as an activity that is conditioned as much by its history as by the technology that it engages." To this end, he seeks to engage the role of hacking from an expansive and useful perspective, covering the hacker relationship to technology and society, representation of the hacker through both mainstream media and outlets such as TAP, Phrack and 2600, as well as the juridical construction of the criminalized hacker, which is basically a fancy term for Kafkaesque travesties of justice (the cases of Kevin Mitnick and Chris Lamprecht are analyzed in depth).

Hacker Culture is thankfully not a stylized look at subculture, as an embryonic cult aspiring to become marketable culture, but rather a much broader view of the increasingly computerized networks that comprise society. It is an intelligent exploration beyond the package-design boxes of software, covering our documents, and the product-design casings of computers, housing our institutions. Seen from, or via, an autonomous, skilled perspective on the command line, Hacker Culture provides an indispensable insight into a history of computing that it has become increasingly important to understand for computer users of all levels and abilities. As such, it is perhaps best suited, and intended, for those who do not frequent sites like this, but even pundits with Slashdot bookmarked since it was listed in the root will presumably enjoy the thoughtful analysis Thomas brings to the subject.

A lingering criticism, not exactly directed at the book, is that this publication truly marks the entry of the "hacker" into the realm of academia, where this figure will be dissected ad nauseam along with other minority reports concerned with the so-called radical fringes. Earlier blockbusters on the hacker topic, like Steven Levy's eponymous Hackers: Heroes of the Computer Revolution from 1994, had a certain "sensationalist" appeal that, akin to William Gibson's Neuromancer, drew more of their leitmotifs from classic frontier westerns than cultural criticism. Instead of reading about jacking in and cracking from these primal sources, we got a ton of obligatory theory that read between the lines and reported on the findings at twice the length. Thomas, although he writes both eloquently and lucidly in an entertaining style, is fundamentally connecting the dots of theoretical writing as a second-generation commentator, frequently quoting Levy, for example, and at times the discussion embarks on rather redundant pontifications as a result. (Recall how you can guess the subject of most connect-the-dots outlines, while it usually takes a child careful tracing to number 147 or so before a shriek of joy recognizes the rabbit.) Such misgivings, which are essentially more inspired by the predictable rhetorical mode of academia than this book, are however relatively minor compared to the welcome prospects of actually having some core ideas about free information and open-source computing distributed to a wider audience.

A question remains about what will happen to the figure of the hacker now that we have had, and discussed, both Matthew Broderick, in Hollywood's War Games, and Kevin Mitnick, in jail. In Hacker Culture, both lay claim to capture and coach the collective imagination with regards to what informed autonomy means and the paybacks it receives. Perhaps the future, following Hacker Culture, will prepare a better balance between revered stardom, obscene bankrolls, criminal records and lone isolation cells?

Reviewer Are Flagan has trouble remembering his own passwords. You can purchase Hacker Culture from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

David Kennedy writes with a review of Tom DeMarco's older Dorset House title, Why does software cost so much? (sub-title: And Other Puzzles of the Information Age.) Sounds like something to put in the same section of your library as Frederick Brooks Jr.'s The Mythical Man Month . Why Does Software Cost So Much? And other Puzzles of The Information Age author Tom DeMarco pages 230 publisher Dorset House rating 7 reviewer David Kennedy ISBN 093263334X summary An older collection of essays, some good, some bad, from one of the most respected names in the software management field.

Summary: An older collection of essays, some good, some bad, from one of the most respected names in the software management field. An interesting read, not least because of the amusement to be gained from how things have, and haven't, changed. Worth reading if you have the time, but not as essential as some of his other titles.

Check your sources. Tom DeMarco is an established industry figure who occupies that rarest of market niches - he's a management consultant/guru who has the respect of technical people. He's the co-author (with Tom Lister) of the classic "Peopleware" (which I suggest you rush out and read), and it's on the strength of that title that I read his work. I normally lack even the slightest interest in management titles, on the basis that Sturgeon's Law seems to be especially strict in that genre. For example, both my copies of "The 7 Habits of Highly Effective People" and "The Monk Who Sold His Ferrari" ended up in the bin. (If it helps, I have a library of about 5K books [mainly novels], and have only ever thrown out 4.)

What's this book about? This is a 1995 title, and as such is interesting for historical value. The blurb states:
"Drawing together several essays published previously, plus ten all-new papers never seen beyond his circle of colleagues, Tom DeMarco tackles a multitude of tough subjects and wrestles fresh insight out of them. Here's a compact, compelling edition of this acclaimed consultant's views of managing the software process."

What you get is 230 pages of essays or opinion pieces. There are 24 pieces, ranging from a couple of pages to a couple of dozen pages. A smattering of titles:

• Why does software cost so much?
• Management-aided software engineering
• Lean and mean
• If we did only one thing to improve...
• Software development: State of the art vs State of the practice
• Software productivity: The Covert Agenda

As the titles suggest, the focus is on software projects specifically, although much of the discussion re managing the effort could apply to many technical disciplines. All pieces which refer to surveys don't use numbers pulled from a hat, they use numbers pulled from the bibliography at the back.

Target audience It's a mix. Most of the pieces seem aimed at management, from team leader to project manager, but the discussion will be of interest to most programmers, especially those suffering from the Bad Management Blues, or who are thinking of taking a step sideways into a team lead role.

What's good? Quite a lot. This isn't a long book, and it's not going to revolutionize your life, but it makes for a decent couple of hours reading. The author can certainly write, with a chatty style obviously honed by a career based on presentations. All the pieces are easily digested, and usually contain a nugget of something interesting.

There are a few nice points in here re how and why you should manage your software project, but for me, the interesting thing about this older title is that it's a very different world he's talking about! For example, one piece, from 1989, talks about the difference between programmers working on identical tasks. They show nice charts and I was amazed to see PASCAL and BASIC in there. I expected to see COBOL of course, but the small size of the C wedge was shocking. Of course, there was no wedge for C++, let alone Java or Perl.

As with any older title, there are technological fossils like this to be marveled over in several essays, but it's quite interesting how the author pronouncements are generally, well, reasonable and right. He's not Nostradamus, and doesn't predict specifics, but there is a nice discussion on language uptake (he rails against FORTRAN and COBOL in a world of Modula-2, Oberon and SmallTalk! I suspect more people now now use the either of the former languages than all the latter languages put together). In this essay, he talks about how some of the third generation languages are wonderful, but suffer from inadequate or confusing libraries. He suggests that only wide and deep libraries really make people change languages in the real world. I know (from reading his new title, "Slack", review coming) that he's much further from the code now, but I wonder what he makes of Perl or Java? (Certainly the thing that lured me from C++ to Java was the libraries. Well, I missed the STL which makes the Collections API look like a child's homework.)

Other essays talk about the Microsoft anti-trust trial, or the fate of IBM. In both cases he seems to be more-or-less on the money, simply by being slightly cynical and not making any mad assumptions. Of course, by the same token, nothing he predicts is particularly startling, but still, of interest when reading.

There are a quite a few pages devoted to things which don't relate to technology specifically, and hence, don't appear dated now. These generally concern scheduling, or people management, and generally are as good as people expect this author to be. When he's good, he's very good. I want to work with a manager like him someday, just to see what it's like! However, even in these people-skills sections, I can't help but wonder what he'd revise in the light of the whole dot-con debacle.

What's bad? Well, this is a fix-up title, and some of the essays are, to be frank, crap. I doubt any but his most ardently completist fans want to read an essay on his experiences trying to work with desktop video for example. A couple of the essays just struck me as, well, rather pointless. Sometimes funny, but pointless. These tended to be the "Not previously published" ones, and I think there's a reason for that.

Alternate titles Oh, sure. There's a shelf full of titles like this in your nearest bookshop. I don't generally like any of them though, so I'll just recommend his earlier Peopleware and his latest, Slack.

You can purchase Why Does Software Cost So Much? from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

David Kennedy writes with a review of Tom DeMarco's older Dorset House title, Why does software cost so much? (sub-title: And Other Puzzles of the Information Age.) Sounds like something to put in the same section of your library as Frederick Brooks Jr.'s The Mythical Man Month . Why Does Software Cost So Much? And other Puzzles of The Information Age author Tom DeMarco pages 230 publisher Dorset House rating 7 reviewer David Kennedy ISBN 093263334X summary An older collection of essays, some good, some bad, from one of the most respected names in the software management field.

Summary: An older collection of essays, some good, some bad, from one of the most respected names in the software management field. An interesting read, not least because of the amusement to be gained from how things have, and haven't, changed. Worth reading if you have the time, but not as essential as some of his other titles.

Check your sources. Tom DeMarco is an established industry figure who occupies that rarest of market niches - he's a management consultant/guru who has the respect of technical people. He's the co-author (with Tom Lister) of the classic "Peopleware" (which I suggest you rush out and read), and it's on the strength of that title that I read his work. I normally lack even the slightest interest in management titles, on the basis that Sturgeon's Law seems to be especially strict in that genre. For example, both my copies of "The 7 Habits of Highly Effective People" and "The Monk Who Sold His Ferrari" ended up in the bin. (If it helps, I have a library of about 5K books [mainly novels], and have only ever thrown out 4.)

What's this book about? This is a 1995 title, and as such is interesting for historical value. The blurb states:
"Drawing together several essays published previously, plus ten all-new papers never seen beyond his circle of colleagues, Tom DeMarco tackles a multitude of tough subjects and wrestles fresh insight out of them. Here's a compact, compelling edition of this acclaimed consultant's views of managing the software process."

What you get is 230 pages of essays or opinion pieces. There are 24 pieces, ranging from a couple of pages to a couple of dozen pages. A smattering of titles:

• Why does software cost so much?
• Management-aided software engineering
• Lean and mean
• If we did only one thing to improve...
• Software development: State of the art vs State of the practice
• Software productivity: The Covert Agenda

As the titles suggest, the focus is on software projects specifically, although much of the discussion re managing the effort could apply to many technical disciplines. All pieces which refer to surveys don't use numbers pulled from a hat, they use numbers pulled from the bibliography at the back.

Target audience It's a mix. Most of the pieces seem aimed at management, from team leader to project manager, but the discussion will be of interest to most programmers, especially those suffering from the Bad Management Blues, or who are thinking of taking a step sideways into a team lead role.

What's good? Quite a lot. This isn't a long book, and it's not going to revolutionize your life, but it makes for a decent couple of hours reading. The author can certainly write, with a chatty style obviously honed by a career based on presentations. All the pieces are easily digested, and usually contain a nugget of something interesting.

There are a few nice points in here re how and why you should manage your software project, but for me, the interesting thing about this older title is that it's a very different world he's talking about! For example, one piece, from 1989, talks about the difference between programmers working on identical tasks. They show nice charts and I was amazed to see PASCAL and BASIC in there. I expected to see COBOL of course, but the small size of the C wedge was shocking. Of course, there was no wedge for C++, let alone Java or Perl.

As with any older title, there are technological fossils like this to be marveled over in several essays, but it's quite interesting how the author pronouncements are generally, well, reasonable and right. He's not Nostradamus, and doesn't predict specifics, but there is a nice discussion on language uptake (he rails against FORTRAN and COBOL in a world of Modula-2, Oberon and SmallTalk! I suspect more people now now use the either of the former languages than all the latter languages put together). In this essay, he talks about how some of the third generation languages are wonderful, but suffer from inadequate or confusing libraries. He suggests that only wide and deep libraries really make people change languages in the real world. I know (from reading his new title, "Slack", review coming) that he's much further from the code now, but I wonder what he makes of Perl or Java? (Certainly the thing that lured me from C++ to Java was the libraries. Well, I missed the STL which makes the Collections API look like a child's homework.)

Other essays talk about the Microsoft anti-trust trial, or the fate of IBM. In both cases he seems to be more-or-less on the money, simply by being slightly cynical and not making any mad assumptions. Of course, by the same token, nothing he predicts is particularly startling, but still, of interest when reading.

There are a quite a few pages devoted to things which don't relate to technology specifically, and hence, don't appear dated now. These generally concern scheduling, or people management, and generally are as good as people expect this author to be. When he's good, he's very good. I want to work with a manager like him someday, just to see what it's like! However, even in these people-skills sections, I can't help but wonder what he'd revise in the light of the whole dot-con debacle.

What's bad? Well, this is a fix-up title, and some of the essays are, to be frank, crap. I doubt any but his most ardently completist fans want to read an essay on his experiences trying to work with desktop video for example. A couple of the essays just struck me as, well, rather pointless. Sometimes funny, but pointless. These tended to be the "Not previously published" ones, and I think there's a reason for that.

Alternate titles Oh, sure. There's a shelf full of titles like this in your nearest bookshop. I don't generally like any of them though, so I'll just recommend his earlier Peopleware and his latest, Slack.

You can purchase Why Does Software Cost So Much? from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

RickHigh writes "The BEA WebLogic Server Bible is an enjoyable read. If you have been using WebLogic off and on since before EJB (Enterprise JavaBeans) existed, you will still learn a bunch of new tricks. This is an excellent reference that can be read from cover to cover. The book focuses on small examples with an emphasis of deploying and configuring the examples in the WebLogic environment." BEA's WebLogic is an application server -- as such, it sits in a small enough niche that you won't find a full shelf of helpful books at your local Borders. If hosting applications for a large organization is part of your work, though, you should read on. BEA Weblogic Server Bible author Joe Zuffoletto et al pages 1000 publisher Hungry Minds rating 5 stars reviewer Rick Hightower ISBN 0764548549 summary The WebLogic Bible reference to have on hand.

There are plenty of examples of setting up your WebLogic configuration, with explanations of what the different parameters are and when to use them for Servlets, JSP, EJB, JMS, and more; just what you need when you are having those configuration problems and a great reference to have around when you get stuck. If you like going from concept to implementation, then this is the book for you.

Unlike some other WebLogic centric books, the Bible's coverage of EJB CMP/CMR was good. Also, the coverage of performance monitoring was really well done. And, the ideas for optimization and the thought process behind it was also really well done. These are just a few examples of a really well written technical manual--the missing WebLogic Manual.

A couple areas of concern (some just nits):

1) A few times the examples were WebLogic centric when they could have been written them in a cross platform manner (wrt J2EE ). (Note: A prerequisite of this book is a working knowledge of J2EE.)

2) The EJB examples hard coded the JNDI parameters instead of using the jndi.properties file in the classpath, which is the preferred approach for cross platform J2EE development.

Granted, at times you have to write things WebLogic centric to utilize WebLogic-specific extensions to J2EE, but the book also did this at times when it was not really necessary to do so. A J2EE veteran will catch the difference, and a J2EE novice will not. Bottom line: you should have a working knowledge of J2EE before reading this book and there will not be any problem.

Another problem with the book is that it covers WebLogic 6.1, while WebLogic 7.0 is already out. However, the material is still applicable to WebLogic 7.0. The book was released this year as was WebLogic 7.0. This in an unavoidable problem with books focused on such a target market. By the time they update the 1000-page book to WebLogic 7.0, WebLogic 8.0 will probably be out.

Also, in the next edition they should cover the Weblogic specific Ant tags in addition to the console and other means of deploying applications. Ant is the de facto method for building, deploying and testing J2EE applications, and a book like this should reflect this reality.

If you are new to WebLogic, I suggest that you get this book. If you have been working with WebLogic since before the EJB .8 spec., I suggest that you get this book. This book is not a J2EE tutorial, but it covers the basics and focuses on WebLogic specific areas of concern.

Consider this book recommended.

Links of note:

• WebLogic Bible website
• Books on WebLogic
• EJB 2.0 Tutorial that deploys examples to WebLogic
• Book on building, deploying and testing J2EE components.

You can purchase WebLogic Bible from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

SpinDoctor writes "Looking across the XML bookshelf today, it's easy to see many books discussing XML in a generic manner, or more commonly how to utilize XML within Java, .NET and Perl. Moreover, despite the broad based support that PHP has for XML, there has been no book that tackled the complexities and best practices, and at the same time offered a comprehensive resource to the XML-based APIs -- at least not until now. Read on for more about the best selling Professional PHP4 XML." Read on for the complete review. Professional PHP4 XML author Luis Argerich, Ken Egervari, Matt Anton, Chris Lea, Charlie Killian, James Fuller pages 945 publisher Wrox Press rating 9 (on a scale of 10) reviewer SpinDoctor ISBN 1861007213 summary In-depth and concise guide to using XML and related technologies within the PHP language

Introduction

Over the years, XML has not only become a useful way to represent and transmit data in an application independent way, it has also become an integral part of virtually every component within an enterprise application and developer tools that we use everyday. Until two years ago, PHP has often been neglected when it came to extending the core PHP libraries to include any XML capabilities. Even further, there has often been a lack of written resources to guide PHP developers to learning these technologies as it pertains specially to the PHP platform.

Over time, however, many committed open-source programmers have developed extensions for PHP to include SAX, DOM, XPATH and XSLT support. Even further, many PEAR contributors and Sourceforge projects have included greater XML support for WDDX, XML-RPC, SOAP, Apache Xindice and many other XML-based technologies and applications. As new APIs were released, PHP really started to become a powerful platform to develop applications that were capable of solving many enterprise business problems. These improvements provided PHP with the power and functionality needed to compete with platforms like Java, .NET and Perl to create the open-source scripting language of choice, providing an easy-to-use and a powerful set of capabilities to developers all across the world.

The Scoop

True to its title, Professional PHP4 XML is a rich guide and resource to using XML technologies within the PHP platform for intermediate to expert developers (spanning 945 pages). Although the book is intended for seasoned programmers looking to enrich their XML-related skills, the book does in fact include a primer on the core syntax and capabilities of the PHP language and fundamentals of XML to ensure the reader is able to understand and appreciate the book's content. Also, given the clear and concise writing style and the thoroughness of the book's content, novice programmers will be able learn a great deal and follow along naturally.

Unlike many books that briefly discuss a given technology and provide simple, but working examples, Professional PHP4 XML goes beyond these base requirements by supplementing the concepts and code examples throughout the book with a wealth of fascinating and useful information. The book accomplishes this by engaging the reader with innovative solutions to common, reoccurring problems as well as not so common problems that you'll find in the real world. In addition, each chapter provides a great deal of insight into:

• The overall architecture of the technology/standard itself,
• Clear design goals when using that particular technology
• Best practices to help the reader avoid common pitfalls, and
• Some heads up information on future changes in the XML libraries as best as can be predicted by the authors.

Each chapter also explores the various consequences to using a particular technology within an organization and how XML aids developers in simplifying the overall design and maintainability of enterprise applications. In a nutshell, this book enlightens the reader to improve their design techniques and current programming models rather than looking at trivial examples and function definitions that many sites on the web already provide.

The material itself is very well organized and flows in a logical progression that you'd naturally expect. The XML Fundamentals chapter provides the reader with the basic knowledge of data representation, markup languages and an extensive coverage of the syntax, rules and terminology of the XML 1.0 specification. It also provides a primer on topics such as DTDs, XML schema and namespaces.

The next chapter is a very rich catalog of all the XML vocabularies and standards developed prior to the book's publication. It provides an introductory coverage of markup languages like WML, SVG and RDF and parsing and transformation technologies like SAX, DOM and XSLT. Essentially, almost all derivatives are covered to provide the reader with 'the big picture,' which is commonly missed from many books.

The book continues with very detailed discussions on the core XML technologies: SAX, DOM, XPath and XSLT. It is designed to provide the reader with the theoretical concepts as well as the practical coding techniques and examples spanning just over 260 pages (not including the appendices at the back of the book). Thus, readers are not required to purchase a book on the general XML technologies or a book specifically pertaining to DOM or XSLT as Professional PHP4 XML covers each of the topics in very lengthy detail. Essentially, this book can pretty much stand alone by itself, but if you want a nice professional taster to PHP, then this book's parent: Professional PHP4 Programming is a good bet. You may also want to read this book's sibling: Professional PHP4 Multimedia Programming, which is replete with full case studies using PHPs multimedia extension libraries to build dynamic PHP front ends.

The last chapters of the book also feature detailed discussions on 'Syndicated Content' with a practical bent, inside insight on 'XML storage' and a case study to develop a calendar server using 'XML-RPC'. Another highlight of the book is the comprehensive reference section, including: PHP4 XML Language reference, Installation reference, SAX, DOM, XSLT and Xpath references and a primer on Object-Oriented programming with PHP.

What's To Consider?

Although the review has been fairly positive up to this point, there are some minor problems with the book. First, some chapters were written better than others, as is the same with all multi-author books. Since Wrox strives to deliver up-to-date books on bleeding-edge technologies, it only makes sense that several authors must collaborate to deliver such a comprehensive book (also considering no single individual is an 'expert' at all these technologies). However, WROX has ensured that there is a consistent flow between the chapters to align each of them with the overall vision for the book. This is an evolving trend with new Wrox titles as we can see this from their new releases.

The last negative aspect of the book, although at no real fault to the authors or the publisher, is the chapter on SVG graphics. Although fairly good, this chapter will probably not be useful for many of the readers. Even now, there has not been a wide demand for the use of SVG graphics and many older browsers cannot even support them. With time, however, this chapter might prove to be more useful in the future.

Summary

Overall, whether you are a novice or highly skilled PHP programmer, Professional PHP4 XML will provide you with the very best in-depth and concise guide to using XML and related technologies within the PHP language. Perhaps you think you know XML very well, even within the context of PHP, but this book might surely surprise you with information that could only be provided by the experience gained through these XML-pioneering authors. I must say that Wrox and the authoring staff have done a wonderful job delivering such a great book and that I would sincerely recommend this book to any aspiring to advanced PHP developer.

You can read a sample chapter from the book online, and you can purchase Professional PHP4 XML from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

chromatic writes with the review below of Writing Perl Modules for CPAN, which explains at a level "between novice and intermediate user" (and in a minimum of space) how to contribute to Perl's own Library of Alexandria. Writing Perl Modules for CPAN author Sam Tregar pages 288 publisher Apress rating Recommended. reviewer chromatic ISBN 159059018X summary A guide to the use and production of Perl modules, from start to finish, in C and in Perl. The Scoop

Besides Perl's abilities as a rapid development language, it's widely believed that the CPAN is its most valuable feature. This network of freely distributable code allows competent developers to achieve great heights of productivity, reusing the work of a generous community of programmers.

Of course, just as some will argue that Perl's copious documentation (spread over two thousand pages) is not immediately obvious to beginners, neither is how to use and even to contribute to the CPAN. For every coder who's successfully published a module, how many more would jump at the chance? How many registered CPAN authors would like to improve their skills?

With that audience in mind, Sam Tregar's Writing Perl Modules for CPAN plants itself firmly in the gap between novice and intermediate user. While much of the book presents information present in a multitude of FAQs, manpages, and the bittersweet experiences of those of us who did things the hard way, he's collected much knowledge into a short and readable guide.

What's to Like?

Tregar starts by describing the history and usage of the CPAN itself. This includes the three most popular approaches to building modules: through the CPAN shell (including its configuration), by hand, and with ActiveState's PPM tool. Next, he explains module development in forty pages. This is pretty dense stuff for the intended audience and might require several passes by newer coders. Only after re-reviewing the chapter for this summary did I realize how much he covered. The next chapter covers design and style, from naming schemes to appropriate laziness through code reuse. It's more philosophical and more important.

The next two chapters cover bundling and submitting modules to the CPAN, as well as being a good author and maintainer. The general tone is quite similar to the impressive Open Source Development with CVS. While manpages usually describe the mechanics of making a distribution, for example, they rarely explain the reasons why things are done that way. As with previous chapters, several code examples illustrate the concepts under discussion.

After a brief chapter discussing a few very effective CPAN modules, Tregar dives into XS (the interface between Perl and C). In 60 pages, he describes just enough of XS and the Perl API to teach careful programmers how to be effective at extending Perl. This introduction compares favorably to the first few chapters of the new (and excellent) Extending and Embedding Perl. As expected in an overview, he provides links to more information. The writing and example style is clear enough that a decent coder with sufficient C knowledge should be able to write a Perl wrapper to a C library with relative ease.

The last two chapters describe Inline::C, an abstraction layer that makes XS much easier, and CGI::ApplicationC, a state machine framework for Perl CGI applications. It's not quite clear why the last chapter was included (besides Tregar's desire to see more CPAN modules extending CGI::Application), but it serves as an example of using and extending a CPAN module. Perhaps a future version of the book will elaborate further.

What's to Consider

The book's code samples are generally good. In the first half, they are all related parts of a larger project. The rest of the book moves away from this approach. Perhaps it would have been worthwhile to continue the theme, though the nature of the material makes it difficult to see exactly how to accomplish this.

Tregar also avoids the use of strictures and warnings in his code examples, claiming that they would make the examples too verbose. I disagree with the given reasoning -- teaching is the best time to enforce good habits, especially when encouraging the students to distribute their code to the world. This is a minor issue, though, as the code is readable and reasonable.

In the past few months, two projects have gained a great deal of momentum in Perl space. These are the CPANPLUS (disclaimer: I am contributing to this project and have contributed to CPAN.pm) and Module::Build. They may become the new standards, replacing CPAN.pm and MakeMaker as early as Perl 5.10. The book omits mention of these. This is understandable, given the time frame -- and the current tools will not be disappearing any time soon. Potential replacements for h2xs are described in a sidebar, though.

The Summary

This is a readable book. It took only a couple of hours to read (though I'm assuredly not the target audience), and is well packed with good advice. Fresher Perl programmers who aren't yet comfortable enough with packages and interfaces will get the most benefit, but there's plenty of information for intermediate hackers as well.

Table of Contents

1. CPAN
2. Perl Module Basics
3. Module Design and Implementation
4. CPAN Module Distribution
5. Submitting Your Module to CPAN
6. Module Maintenance
7. Great CPAN Modules
8. Programming Perl in C
9. Writing C Modules with XS
10. Writing C Modules with Inline::C
11. CGI Application Modules for CPAN

You can purchase Writing Perl Modules for CPAN from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

David Mazzotta writes "Reading like an extended, Darin Morgan-penned episode of the X-files (Humbug, Bruckman, Coprophages, Chung), Christopher Buckley's Little Green Men uses alien abductions and UFO conspiracies as a backdrop for some of the surest and funniest satires in recent years." Read on for the rest of David's review; I tend to prefer books from William F. Buckley, but this one sounds fun. Little Green Men author Christopher Buckley pages 317 publisher Random House rating 8.0 reviewer David Mazzotta ISBN 0742963314 summary Political and social satire wrapped in a zany story of alien abduction.

John O. "Jack" Banion is a man of fearsome power. A combination of Larry King and Bill O'Reilly, he hosts a pompous Sunday morning "issues" talk show that is the hub of Washington media. Politicians hate him, but need him. The dowdy matrons of beltway society fall over themselves to get him to attend their dinner parties. He has the luxury of dismissing millions of dollars in endorsements as beneath his lofty station. In an early scene, the President appears on his show and gets treated with righteous disdain, about which he privately muses "Presidents come and go."

Banion's life is filled with stifling protocols that he has fully embraced. He has few passions -- his wife seems happily neglected, the arts bore him, he doesn't even truly care about the politics he is immersed in, except to the extent that he wields influence over it. Even his cynicism rings hollow.

Enter one Nathan Scrubbs, a frustrated, mid-level, black-ops bureaucrat and professional alien abductor for an unmentionable government program called MJ-12. For years, Scrubbs has located prime abductee candidates: those who are personally reliable and believable, yet have the social and educational standing that would cause the media to doubt their veracity -- that is to say, trustworthy rubes. He orders their abductions with bored detachment, then monitors the media reaction to ensure that there is just a subtle but consistent undercurrent of belief that can be used for various manipulative purposes (bolstering the defense budget, scaring the Russians, funding satellites, etc.).

But Scrubs is bitter. He dreams of being a CIA field op, but was rejected by the agency. His job is a dead end. He can't advance, can't transfer, can't even talk about it with anyone. So one Sunday morning, blind drunk on Bloody Marys, while watching Banion's talk show, he authorizes a rogue abduction of Banion.

Banion goes public about his abduction and finds himself outcast from his elite circles while Scrubbs flees for his life from his own agency. Not surprisingly, events spiral out of control and the fates of Scrubbs and Banion intertwine. No more hoaxing unsuspecting rednecks, or manipulating meaningless government policies; for the first time in their lives they find there are deadly serious consequences to their actions. The collision of the contemptuous gravitas of the political actors with the madcap world of UFO conspiracists provides ample opportunity to compare the two and leave us wondering which one is sillier.

As a former speechwriter for Bush the Elder, Buckley, the editor of Forbes FYI, is very assured in lampooning the Washington DC aristocracy he is undoubtedly familiar with. He perfectly captures the egos behind the noble facades in the degrade-or-be-degraded Capitol high society. After his on-air flaying of the President, Banion is greeted by other power players at an elite dinner party.

But here was Tony Flemm, host of the second-rated Washington show, trying not to look jealous. "Jack. Nice show."

"Do you think? I don't know."

That's right, torture the poor bastard, make him explain, make him elaborate in front of everyone on just why he though it was such a good show. But wait, here came Burt Galilee, beaming, shaking his head in mock horror at Banion's ruffling of presidential eagle feathers. And here, just behind him, came the Speaker of the House of Representatives, and behind him, the French ambassador. A triumph.

Buckley is equally sardonic with the abductee population, yet, perhaps because they are painfully sincere despite their silliness, they are treated with a bit less vitriol.

Another of [hypnotherapist Bart Hupkin's] regressees shared her breakthrough of wrapping herself in cellophane, which, like panty hose, made it more difficult for the aliens to drive home their vile phallic probes. She noted that this also helped with weight loss. Another abductee announced that she was depressed because she missed her alien children. The father had, contrary to their joint custody arrangement, taken them off to the Pleiades with a "slut" from Aldebran. Hupkin said she should not take this personally. Aliens were notoriously problematic when it came to commitment.

Banion left the workshop unable to shake the feeling that there was something lacking in these people's lives...Banion had to keep reminding himself that the early Christians must have been an odd bunch, too.

As with any satire of length, the droll commentary can only take you so far; then you need characters that can carry the story. Though both are essentially passionless cynics at heart, Banion and Scrubbs flesh out fairly well. A central irony: Banion finds zeal for the abductee movement that he never experienced in the "serious" world of politics, and Scrubbs finally gets a taste undercover agent life as he flees the wrath of MJ-12. The plot runs a bit low on steam towards the end, but by that time we are, if not sympathetic for, at least interested enough in Banion and Scrubbs to want to know how it all ends.

Buckley takes an unbiased approach to satire. He is non-partisan regarding politics or social standing; he punctures the pretentious and skewers the self-important wherever he finds them. If you would rather be amused than disgusted with the inanity you read in the news or see on TV, Little Green Men is for you.

You can purchase Little Green Men from bn.com; (Note the remaindered price of $3.99 for the hardcover). Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

David Kennedy writes "Applied Java Patterns is an adequate Design Patterns reference for those who must have a Java version of the classic Gamma et al (aka Gang of Four, or GoF) Design Patterns, but it's only adequate. If C++ or Smalltalk hold little fear for you, stick with the original sources: 'This isn't the definitive Java Design Patterns book we're looking for -- move along.'" Read on for the rest of David's review. Applied Java Patterns author Stephen Stelting and Olav Maassen pages 561 publisher The Sun Microsystems Press / Prentice Hall rating B reviewer David Kennedy ISBN 0130935387 summary Adequate Java implementation of "Design Patterns"

Check your sources.

The title is published by Sun Microsystems Press, and the two authors are instructors for Sun Microsystems. As you would expect, this means you won't find any discussion of Java's darker corners; this isn't a particularly damning criticism in a book about Design Patterns, but it does mean that, for example, you won't see discussion on why double-checked locking implementations of the Singleton pattern don't work. (I might be reading more authorial/editorial bias into this than was intended of course -- I'm a bit paranoid. Too much caffeine, I expect.)

What's the book about?

From the blurb:

"[...] After briefly reviewing the fundamentals of design patterns, the authors describe how they can be applied effectively to the Java platform and present proven techniques for all types of patterns, from system architecture to single classes. Next, they present a pattern catalog."

In other words, what we get is an adequate intro, followed by about 275 pages of pattern catalog (mostly from Gamma et al, with a few threaded items from Doug Lea's Concurrent Programming in Java). This is what you're buying the book for, and on the whole it's decent material.

It continues:

"In addition, they identify patterns in the core Java APIs and present techniques for pattern use in distributed development. [this title] also features a section on pattern use in systems built with J2EE and Jini technology and coverage of the servlet, JSP, and EJB APIs."

Just about! This entire section is very much secondary to the catalog. The core Java APIs discussion is about 20 pages, the distributed section about a dozen, and the rest only 15! I've seen as much discussion of the pattern usage in the JDK in asides in, for example, Bloch's Effective Java (an excellent book by the way).

Of much more interest are the appendices. In reverse order -- Appendix B is a welcome bibliography. Appendix A is an odd decision on the part of the publisher. Appendix A is "Full Code Examples." Normally I'd think that this is a good thing, but appendix A is 224 pages, as compared to 273 for the whole pattern catalog. I feel it would have been better delivered on a CD. I realise this adds, what? $5?, to the cover cost, but the book would have been substantially thinner, with a knock-on effect on price.

A more important consideration is that this appendix distracts from the catalog, and adds little (other than working framing code) to the discussion of the patterns.

Target audience?

Experienced Java developers - but ones who haven't been exposed to Design Patterns before. I doubted that this was a huge audience, but then realised that Java is often used as a teaching language now, and I may be wrong in assuming most graduate programmers would be comfortable with the C++ and Smalltalk examples in Gamma et al. I could see this being a useful niche title for those mono-linguists starting out their professional careers.

What's good?

Overall, this isn't a bad title. It's decently written on the whole, has passable explanations of the main Patterns, and is presented clearly. It's just that there's nothing superb about it, and the problems (below) offset the overall competent tone. (It's a weird book to review: the majority of the content isn't original, and as a repackaging exercise I can't comment on, say, how brilliant it is to have a name of the Factory concept at long last.)

What's bad?

Too much for a simple port of GoF to Java. Let's start with the obvious flaws and then move onto "missed opportunities":

• Diagrams
  Sorry, but there is no way that the UML diagrams in this title are acceptable in a professional publication. They're woeful, jagged-edged screen-capture affairs.

• Appendix A
  As discussed above, the book has a schizophrenic feel with a LOT of material relegated to, or repeated in, Appendix A. A much more useful approach would have been to provide more material on the applicability of each pattern, or to flesh out some of the alternative implementations discussed.

• The example application
  This title tries to do something laudable, but ill-thought out. What they do is start to discuss an example application (the Personal Information Manager) in the first pattern, and then carry that example through to all the other examples. This isn't a bad idea, but think about it. How do you use your pattern books? I flick through mine. I pull it off the shelf and read one pattern, or pass it to a colleague saying, "You want to change that to a [whatever]."

  When reading this title my flatmate was struggling with some OO design homework -- flicking to the pattern under discussion (Composite) starts us into another discussion of the PIM! This isn't what I want and puts me off the title immediately as I feel like I'm missing some background. The examples need to be more standalone. (To be fair, this only affects the blurb text, the code is independent.)

• Oh editor, where art thou?
  While talking over the Composite pattern with my confused flat-mate, I noted that the Deliverable snippet actually gives the code for the ProjectItem again (page 163). Sadly, it's also wrong in Appendix A. On the full read-through this type of simple proof-reading error occurred too often.

• Oh code reviewer, where art thou?
  Here's a hint for publishers. When writing a book for a professional audience which necessarily thrives on pedantry, try and have examples peer-reviewed first. Much of the code in Appendix A is not great. Now, I realise we're developing educational examples here, and we want to keep the focus on the pattern, but the impression given by the full code examples isn't good. Continuing the above example, the error handling of the Composite pattern is feeble. (Static ints defined in an exception class and then if-elsed on the main class to get printable versions? Yeugh.) I'm being picky here, but this is a book about better design, and people-in-glass-houses, etc. In addition, the core concepts aren't original, and so it's this (slightly sub-standard) example code which gives the added value, or rather, should.

• Fly-leaves
  You know what I love most about Design Patterns? The fly-leaves -- to find a pattern I open the cover, skim the list and turn to appropriate page. Brilliant for a reference title. Applied Java Patterns misses a simple trick here. A hardcover edition would also be nice. As would those nice GoF ribbons. (My apologies if there is a softcover version of the GoF book featuring neither fly-leaves nor ribbons and I've been comparing apples to oranges.)

So, overall the impression that this book gave me was of an opportunity missed. Too many little details wrong, or lacking when compared to the GoF title.

Alternate titles?

There is another Java Design Patterns title: Addison-Wesley's Java Design Patterns -- A Tutorial, by James W. Cooper (2000, ISBN 0-201-48539-7). I can't say I recommend this title either -- it's much thinner, comes with a CD, takes a more tutorial tone, but suffers many of the same flaws (sloppy editing, lack of 'flickability,' chunks of dodgy code and some bloody examples).

Sorry, but the undisputed king still reigns -- the original GoF book is still superior in almost all respects. Only a lack of recent examples, and the fact that the examples are only in C++ and Smalltalk can be called criticisms. (Details: Design Patterns: Elements of Re-usable Object-Oriented Software, by Erich Gamma, Richard Helm, Ralph Johnson and John Vlissides. Addison-Wesley, 1995, ISBN 0-201-63361-2)

If you feel that the GoF book is a bit, well, academic and intimidating for your taste then might I suggest a side order of John Vlissides's companion volume, Pattern Hatching: Design Patterns Applied (1998, ISBN 0-201-43293-5). This slim volume talks about applying patterns -- where, how, etc -- in a clear way, using a tutorial approach. The example system developed helped me "get" some of the concepts first time through. The examples are in C++.

I don't want to give the idea that there are no new Design Pattern books worth reading - for example, for J2EE work I think highly of Core J2EE Patterns by Deepak Alur, John Crupi, and Dan Malks (2001, Prentice-Hall, ISBN 0-13-066586-X).

So, to sum up, this isn't a bad book, but it does feel like a pale imitation of the GoF title, and offers very little to anyone who develops in Java but has access to the GoF book. Any publishers or wannabe authors listening? Seems like now might be a good time to think about issuing The Design Patterns Java Companion, along the lines of the existing Smalltalk title. (Hmm, maybe I should take my own advice ...)

You can purchase Applied Java Patterns from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

davorg writes "Over the last few years mod_perl has become a serious force in web development. If you're building a web site to run on an Apache server and you want to write the code in Perl, then you're going to want to install mod_perl on your server too as it's the best way to avoid many of the performance issues with traditional CGI. It's taken a while for publishers to wake up to the fact, however, and there haven't been many books in the shops. It looks like this will be the year that this changes. A number of mod_perl books are about to be published and this is the first." Read on below for Daveorg's thoughts on this one. mod_perl Developer's Cookbook author Geoffrey Young, Paul Lindner & Randy Kobes pages 630 publisher Sams rating 9 reviewer Dave Cross ISBN 0-672-32240-4 summary What mod_perl programmers have been waiting for

This book uses the popular "cookbook" approach, where the content is broken down into short "recipes" each of which addresses a specific problem. There are almost two hundred of these recipes in the book arranged into chapters which discuss particular areas of mod_perl development. In my opinion the cookbook approach works much better in some chapters than in others.

It's the start of the book where the cookbook approach seems most forced. In chapter 1 problems like "You want to compile and build mod_perl from source on a Unix platform" provide slightly awkward introductions to explanations about obtaining and installing mod_perl on various platforms (kudos to the authors for being up-to-date enough to include OS X in the list). All the information you want is there however, so by the end of the chapter you'll have mod_perl up and running.

Chapter 2 looks at configuration options. It tell you how to get your CGI programs running under mod_perl using the Apache::Registry module which simulates a standard CGI environment so that your CGI programs can run almost unchanged. This will give you an immediate performance increase as you no longer have the performance hit of starting up a Perl interpreter each time one of your CGI programs is run. This chapter also addresses issues like caching database connections and using mod_perl as a proxy server.

We then get to part II of the book. In this section we look at the mod_perl API which gives us to the full functionality of Apache. This allows us to write Perl code which is executed at any time during any of the stages of Apache's processing.

Chapter 3 introduces the Apache request object which is at the heart of the API and discusses various ways to get useful information both out of and back into the object. Chapter 4 serves a similar purpose for the Apache server object which contains information about the web server and its configuration.

In chapter 5 the authors look at Uniform Resource Identifiers (URIs) and discuss many methods for processing them. Chapter 6 moves from the logical world of URIs to the physical world of files. This chapter starts by explaining the Apache::File module before looking at many ways to handle files in mod_perl.

The previous few chapters have built up a useful toolkit of techniques to use in a mod_perl environment, in chapters 7 and 8 we start to pull those techniques together and look in more detail at creating handlers - which are the building blocks of mod_perl applications. Chapter 7 deal with the creation of handlers and chapter 8 looks at how you can interact with them to build a complete application.

Chapter 9 is one of the most useful chapters in the book as it deals with benchmarking and tuning mod_perl applications. It serves as a useful guide to a number of techniques for squeezing the last drops of performance out of your web site. Chapter 10 is a useful introduction to using Object Oriented Perl to create your handlers. While the information is all good, this is, unfortunately, another chapter where the cookbook format seems a little strained.

Part III of the book goes into great detail about the Apache lifecycle. Each chapter looks at a small number of Apache's processing stages and suggests ways that handlers can be used during that stage. This is the widest ranging part of the book and it's full of example code that really demonstrates the power of the Apache API. I'll just mention one particular chapter in this section. Chapter 15 talks about the content generation phrase. This is the phase that creates the actual content that goes back to the user's browser and, as such, is the most important phase of the whole transaction. I was particularly pleased to see that the authors took up most of this chapter looking at methods that separate the actual data from the presentation. They have at recipes that look at all of the commonly used Perl templating systems and a few more recipes cover the generation of output from XML.

Finally, two appendices give a brief reference to mod_perl hooks, build flags and constants and a third gives a good selection of pointers to further resources.

This is the book that mod_perl programmers have been waiting for. The three authors are all well-known experts in the field and it's great that they have shared their knowledge through this book. If you write mod_perl applications, then you really should read this book.

You can purchase mod_perl Developer's Cookbook from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Bonker writes: "When I first picked up 'ChronoSpace', parts of which were published earlier in 'Asimov's Science Fiction', it initially looked like an interesting time-travel thriller-- something we've seen many of, but not a story that gets old due to its variations. Indeed, the story starts out revolving around the central premise that the small percentage of UFO's sighted that can't be explained away as airplanes, comets, or blimps, are in actuality time-travelling ships from the future sent to investigate the past." Read on for Bonker's thoughts on how the book progresses from there. ChronoSpace author Allen Steele pages 320 publisher Ace Books rating 1/10 Boo! Hiss! reviewer Bonker ISBN 0441008321 summary A promising time-travel concept with a flawed and disappointing execution.

It's an intriguing concept and one that the author explores with relish. Indeed, one of the two main characters in the story spends a great deal of his time exploring the social climate of pre-World War II Germany during Hitler's rise to power. After the initial concept is explained, however, the story starts to break down.

The author seems infinitely more interested in name-dropping other, more successful sci-fi authors and scientists. Steele has done his research on obscure historical persona, but he can't seem to fix the holes in his own story.

A good example in terms of broken plot is the fictional scientific principle the author uses to drive his time-travel ships. It's called the 'Morris-Thorne' principle in the story, obviously named after the scientists who discovered it. Since this *is* a time-travel story, when a character named Morris is introduced, the observant reader would think that the author is stitching his story together, trying to subtly explain things to the reader. The observant reader would be wrong, because this angle is never touched again. In fact, the author rather absent-mindedly contradicts the possibility later in the story.

Another good example is the date scheme that Steele uses to identify his chapters. After the inevitable 'uhoh, we caused a paradox' event in the middle of the story, one of the dates listed mysteriously jumps from Monday, January 14th, 1998 to Thursday, January 15th, 1998. (The latter is correct. Monday was the 12th in 1998.) In any other kind of story, this kind of discrepancy could be easily dismissed as an editorial oversight. In a time-travel story, it's *supposed* to be a dead giveaway, just like the next date problem, when it jumps from a correct day in 1998 to an incorrect day in 1997. It's not any kind of giveaway. It's an editing mistake, and a painful one at that.

What's really amusing about this is that, earlier in the story, one of the characters makes the case for having to know the exact time and date in order to time-travel correctly. Apparently having the wrong date doesn't make much of a difference to their calculations when they use it to time-travel because it's never mentioned again. Neither are the other limitations on time-travel the author introduces, such as the inability of time-travellers to breach the first millennium or earlier.

The book is ridden with inconsistencies like this. I'm not sure if it's laziness or incompetence on the part of the author or if Mr. Steele was stuck with a rhesus monkey for an editor, but in a story where incidental details matter so much, these otherwise trivial errors are hard to forgive.

The climax of the book is a first-degree act of Deus Ex Machina, perpetrated by judgmental aliens who are super-intelligent and somehow immune to paradox. It's hard to swallow by the time you've already waded through the rest of the story's problems. The cautionary ending is bitter and disappointing. Steele successfully deviates from formula in this respect, but only at the cost of making his painfully static, flat characters seem even more depressive and uninteresting.

I have to conclude that 'ChronoSpace' is simply not worth the time it takes to read, even for the most adamant of sci-fi or time-travel fans. Even if you completely dismiss the amount of smugness the author shows dropping modern and historical names, the story is rife with inconsistencies, errors, and writing blunders. The characters are flat and uninteresting. Any chance they have to grow is brutally crushed by this steam-roller of a plot that Steele's trying to push. The one thing that could redeem a story like this was if it were inspiring or offered some new insight on the philosophy of time travel. Instead, Steele tries to be cautionary. It's hard to convincingly cautionary when the moral of your story is, "Don't mess with time travel, or easily angered super-aliens will destroy your planet's civilization." In fact, if Steele has anything to say about inspiration in ChronoSpace, it's that inspiration is dangerous. Even carefully controlled forward advancement is harmful and should be avoided. I'm not sure if that's what he was trying to accomplish, but it's a major theme in the book nonetheless.

The hell of all this is that even up against the super-cautionary tone of the book, Steele could have easily done a better job with his story, even if it was just a quick read-through of his own work to correct some of the screaming errors he's made. He didn't, and it shows.

Don't waste your time with 'ChronoSpace'.

You can purchase ChronoSpace from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

dooling writes "Continuing the tradition of well written O'Reilly 'Programming' books by those who know the language best, Programming PHP, co-written by the creator of PHP, Rasmus Lerdorf, provides a detailed overview of the popular PHP web-page scripting language. This book provides good programmers who have never used PHP enough information to do serious web development using PHP and serves as an excellent reference for web-page designers who dabble in PHP." Read on for the rest of his review. Programming PHP author Rasmus Lerdorf & Kevin Tatroe pages 507 publisher O'Reilly and Associates rating 7 reviewer dooling ISBN 1565926102 summary great PHP book for serious programmers, good reference While not as entertaining as Programming Perl, it isn't nearly as long either (and doesn't have to be). The book is written in a straightforward style and is very well organized. Appendices provide quick reference to all the PHP built-in functions and many PHP extensions. The most popular extensions, e.g., PEAR DB (database connectivity) and XML, have entire chapters devoted to them. Can't find a PHP extension for your favorite library? There's a chapter about writing your own PHP extensions, including writing C library wrappers.

This book begins as most O'Reilly "Programming" books do: with a brief introductory chapter. In Programming PHP, this chapter is very short, so don't look to this book for a gentle introduction. On the other hand, this is the perfect book for you if you are just looking to learn a new scripting language. The following chapters go over syntax, data types, built-in functions, etc. These chapters are a little dry, but move quickly and effectively demonstrate the unique features of PHP (as compared to other scripting languages).

Of particular interest to programmers who are interested in expanding their horizons to developing dynamic web pages are the chapters on PHP web techniques, security, and application techniques. The web techniques chapter gives a quick overview of HTML and the GET and POST methods (and why you would want to use one or the other). It then covers a lot of useful tips and tricks that may be foreign to someone who has done little or no web development. Topics such as getting server information, form processing, sticky forms, file uploads, document expiration, and authentication are covered. It ends with an excellent discussion of maintaining state from page to page and visit to visit, covering cookies and PHP's (very cool) session support.

The security chapter covers standard things you want to keep in mind when creating dynamic HTML. No surprises here, but it is always good to be reminded. The application techniques chapter starts with a collection of best-practices, tips, and tricks to make your development process easier and better. It concludes with sections about error handling and performance tuning. As with the security chapter, there is nothing here a good programmer doesn't already know, but you can never hear it too many times.

I think this is a great book for programmers who want to start developing dynamic web sites with PHP. It gives a detailed overview of PHP, lots of valuable tips, and a good sense of PHP's strengths.

As someone who has written a lot of code, but only a little CGI, I really liked the chapters that discussed application development techniques specific to the web. Along those lines, not much time is spent on standard coding techniques, so if you want to use PHP but have never written any serious code, you may want to look elsewhere for an introduction. For the rest of you, just think, you may never have to use CGI.pm again.

The index seems adequate, although I must admit I did not use it much on the first read-through. The book is so well organized that, when reading it, you do not have to flip around much. Perhaps someone who has used this book as a reference can comment further on the quality of the index.

Contents are available on O'Reilly's page Links

• PHP home page
• Rasmus Lerdorf's home page
• Kevin Tatroe's O'Reilly page
• O'Reilly page for book
  

See Rasmus's page for links to where you can buy the book (maybe he gets a kickback for the link). Of course, you could always go to a local bookstore and purchase it.

You can purchase Programming PHP from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Alexander Moskalyuk reviews below the new O'Reilly title Essential Blogging, which he points out is available not only for purchase through conventional purchase, but also with O'Reilly's Safari Online subscription, where it's available for a mere 1 point. Read on for his take on how useful Essential Blogging really is. Essential Blogging author Benjamin Trott, Mena G. Trott, Shelley Powers, J. Scott Johnson, Rael Dornfest, Cory Doctorow pages 264 publisher O'Reilly rating 3/10 reviewer Alexander Moskalyuk ISBN 0596003889 summary Introduction to running Weblogs on the Internet

Blog, Blog, Blog. Recent media infatuation with the blogging effect seems to be overwhelming. It seems that newspaper journalists have just discovered the ability to post and comment messages on the Internet, while most of the computer aficionados and heavy Internet users just shrug their shoulders when told about personal Web journals that link to other articles on the Web.

Blogging Essentials is mostly a generic guide to setting up and running your own Weblog using the software available out there. It doesn't require as much technical knowledge and Unix experience as Running Weblogs with Slash, and doesn't have a nice preface by CmdrTaco, but for a person who is determined to keep a daily journal available on the Internet, it would provide helpful reading material.

What's reviewed

Blogger, Radio Userland and MovableType are the primary products discussed in the book. Each of these packages has two chapters dedicated to it, one for beginners' introduction and one for description of advanced features. The main difference between these three products is in their hosting capabilities - Blogger wants you to keep the journal entries on its Web site and provides Web interface, Radio UserLand keeps the posts on its own server as well, while providing desktop interface, while MovableType assumes the user has a Web server on which to install the blogging software. Both Blogger and Radio UserLand allow for self-hosting, which is also covered in introductory chapters.

Another chapter is dedicated to server-based Blosxom, and in the review of desktop clients such blog utilities as BlogScript, BlogApp, BlogBuddy, W.Bloggar and Slug are covered.

What's good and what's bad

While the depth of covered material is surprisingly large for such a narrow topic, a lot of book pages are spent on displaying screenshots of the blogging software, and showing other people's blogs. The only thought that never left my mind while reading this book was "Who would buy it?" Why would you need 264 pages to explain you how to set up your own journal and run it? People who find satisfaction in running their own customized versions of online journals already know most of the material, and those who don't would probably opt in for easier Web-based interface like LiveJournal.

The book seems to be just a quick walk-through of the manuals, and if you consider that all of the reviewed products have pretty good help and FAQ sections, the need for such book decreases even more. I can hardly name anyone to whom I would recommend this book.

Table of contents can be viewed on publisher's Web site.

You can purchase Essential Blogging from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

John F.X. Sundman is the author of Acts of the Apostles , an independently published, computer science, science fiction-attach-whatever-label-you-want-but-it's-good book, which we've reviewed on Slashdot before. Recently, he's taken his other work Cheap Complex Devices, updated, edited, and put together a package with Acts, available in PDF and dead tree version. I had the pleasure of reading both of them again -- read more to see my thoughts.Update: 09/09 16:11 GMT by T : Oops -- that should have read (as it now does) "Cheap Complex Devices" rather than "Cheap Computing Devices." That is all. Acts of the Apostles/Cheap Complex Devices author John F.X. Sundman pages 400 publisher Rosalita Associates rating 9 reviewer Hemos ISBN (see website for each) summary Two Sundman books combined for even greater power.

First of all, I'm not going to be doing another review of Acts, as I've already done that once. It is worth noting, however, that this is the first time both CCD and Acts have been brought together in an omnibus edition. I've got two different copies of Acts, but greatly enjoyed reading the two together again. Why? Because they fit together like two sides of the same coin -- or better yet, like Walther Matthau and Jack Lemmon.

Cheap Complex Devices's backdrop is that of being (supposedly) machine-written. (The foreword and descriptors of the book itself are greatly entertaining. It's that kind of writing that flows over into Acts.) While the scene may (or may not) have not even the slightest passing resemblance to reality, it's still something that grips your mind. You believe that the "Hofstader Prize for Machine Written Narration" could exist, and that the Society for Analytical Engines sounds pretty reasonable. Heck, it sounds at least as reasonable as the ACM.

BTW, if you can't be bothered to read Acts of the Apostles, take my advice and do it. I believe my standing quote on the book is that it's what Tom Clancy would write if he wasn't dumb. Essentially, it's a great techno-thriller, except the technology is something that a geek would appreciate -- but it's also written well enough that non-geeks will enjoy it. The hero of that book makes an apperance in CCD as one of the heroes in one of the automata written texts.

The actual text of the stories in CCD are just as amusing as the commentary about them, although oddly enough I think I actually like the commentary more then the stories. "Bees" is a commentary on what it means to be human, albiet with a peculiar focus on Gatorade. And the Bonehead Computer - well, just doing a little Googling for it.

I'm not sure what else to say about these books, other then read 'em. If you liked Naked Lunch, or any sort of thrillers, or thought GEB was an amazing work, or just like to read, these books will thrill ya.

To get them, John has a website to purchase CCD. He takes Paypal or checks in the mail. You can buy them in PDF or have dead tree versions sent, or both. Whatever -- you do what want. One caveat though: "Final 'truth in advertising' note: the version of CCD on my website is 87.9842% the same as the final book form (the book is better). I'll reconcile them soon. " (note from John)

Enjoy.

Peter Wayner writes: "If you're one of the last few who believe that the numbers on your portfolio statement are any more permanent than a spring day, a sun tan, or a wink in a bar, you may want to tune into John Motavalli's new book, Bamboozled At the Revolution: How Big Media Lost Billions in the Battle for the Internet. The book follows the stumbling attempt by the old school in the media to turn their so-called power into dominance over the new domain. Numbers fly back and forth. Executives fret over turf. Dreams of glory float skywards. Yet in the end, it's just as Ecclesiastes warned: 'All are of the dust, and all turn to dust again.'" Read on below. Bamboozled at the Revolution: How Big Media Lost Billions in the Battle for the Internet author John Motavalli pages 334 publisher Viking rating 7.0 reviewer Peter Wayner ISBN 0670899801 summary Stories from the big media boardrooms and their quest to extend their dominance.

The book is an inside tale told by an insider who chronicles the frantic days when the insiders were certain that the Internet was going to change everything. In this case, the insiders were the golden boys at media conglomerates who managed through some mixture of luck, devotion, and talent to control the worlds of cable television, newspapers, magazines, and movies. In the mid 1990's, the Internet threatened to overturn their world when they realized that anyone could set up a website, turn a bedroom into a corner office, and join the media. One minute some Mom in NJ is burning spaghetti sauce, the next minute Madonna is coming over for a chat on her weblog.

Reading the book is an ideal way for Slashdot readers to stick their nose into the exclusive tent filled with media moguls. The book does an ideal job of conveying the NY mindset that the world is made up of billions of sheep just waiting for the media to tell them how to bleat. When the Internet threatens to lure some of the flock, the big guys with the big corner offices start writing checks hoping to find a way to own a piece of it.

The book is played out chronologically and begins with Time-Warner's desire to build a full-service, interactive cable system in 1993. The final epilog was probably written in April and it's already a bit dated because it went to press before the accounting upheaval at AOL. In between, the executives of the big media companies struggle to find an Internet strategy-- something that never really gels for anyone.

Motavalli documents the progression with details that matter to media executives. We learn where people went to college (Haverford, Harvard), where they ate dinner (City Grill, "a gross strip mall" in Vienna, VA that serves great pizza,), the names of their yachts (Highlander), if their offices were big (yes), and if they got along (no). All of the executives in this book are always getting irked, losing confidence, chafing at some new org chart, or jettisoning some division.

Nothing seems to work for these guys. They try merging with each other; they try pop-up ads; and they try building portals. Yet through it all, the value of advertising just keeps dropping. The more time people spend on-line, the more page views they create. That means, more viewers mean lower ad prices. Uh-oh. The law of supply and demand seems to insist that success only begets failure. How are people going to make money on-line? We may never know, because nothing except the severance packages ever work out for the guys in the corner offices. The Internet won't be tamed.

To some extent, the title of the book is a misnomer. There aren't many stories of fast talking Internet guys pulling the wool over the eyes of the old media guys, at least in the way that Lyle Lanley talked the town of Springfield into building a monorail. The media moguls knew that the Internet was going to be big and they knew they only way they could be part of it was to invest. As Bob Pittman says at the beginning of the book, the networks ignored cable channels and then woke up one day to see that the upstarts controlled the new landscape. The old school media magnates knew they had no choice and they spent freely.

The title is also a bit wrong because the bamboozled are usually outright losers, conned completely -- and that certainly hasn't happened to all of the media titans. The list of the top news sites from Jupiter Media Metrix includes plenty of old corporate names . Despite the loss of cash, some of the old media companies were able to dominate the Internet. That doesn't mean they'll stay in the business and it doesn't mean that they're making money, but no one is worrying about the Mom in NJ.

This world view is a bit myopic. It should come as no surprise that web sites like the Drudge Report or Slashdot don't make it into the conversation. This is really a book about the few guys at the top of the New York media empires and their desire to somehow, some way, get a handle on this Internet thing. Truly interactive sites like Slashdot seem to be beyond the understanding of these guys because Motavalli notes that despite the "Letters to the Editors" section, most magazine and newspapers editors don't understand how to interact with readers.

The most telling details may be what didn't make the book. Motavalli spends little time talking about the words and images on the web pages. His subjects liked to use the word "content" as an abstraction for what the little guys serve to the little sheep. No one seemed to wonder whether it was good or bad, noir or funny, juvenile or sophisticated, or anything more than pure content. Aside from an occasional note about some truly lame web site, there's little discussion about what makes a web site good.

This is too bad because a few parts of the book hint that the guys below the big guys were really struggling to find the right voice for the on-line medium. They were asking questions like whether audience liked the ability to pick and choose the video snippets in the evening news. Was an on-line soap opera compelling enough to watch every day? Was there anyone who was willing to camp out by their keyboard to be the first to access some web site? Was buying an MP3 like buying a single or a full album? Did people want one portal or many?

As anyone who's posted to Slashdot in search of karma knows, finding a way to please the crowds is not an easy task. Every artist knows that after all of the hype, all of the press, and all of the marketing, a song, a book, an article, or a Slashdot comment needs to stand alone on the stage, if only for a brief second, and live or die on its merits. Motavalli's book best contribution may be showing us how little the media big wigs cared about these moments. It wasn't about the story or the presentation or even what the sheep seemed to like. It was all about the org chart.

Peter Wayner is a writer, consultant and media mogul himself. If you're one of the sheep reading this far, you might consider consuming his latest content on secure information handling ( Translucent Databases ) or his content on steganography ( Disappearing Cryptography). You can purchase Bamboozled from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Robert Nagle writes: "Apache's HTTP server has been by many measures the most popular web server on the web, and perhaps the primary application that drives people to Linux and open source. Three years ago, Wrox published the definitive book on running the Apache server by Peter Wainwright. Excellent though the book was, it badly needed updating. In May 2002, Wrox published another book, Professional Apache 2.0, which covers the new generation of Apache server, as well as older 1.3x versions that are still running production servers around the world." Robert's review continues, below. Professional Apache 2.0 author Peter Wainwright pages 873 publisher Wrox rating 5 Stars reviewer Robert Nagle, Idiotprogrammer ISBN 1861007221 summary Excellent, comprehensive Guide to the latest version of Apache.

Although Apache changed a great deal in its version 2.0, it is a credit to the Apache folk that the config files and command line options have basically remained the same for sys admins. For this reason, the book seems to include a lot of material (CGI security, building, core modules) from the original book. However, a closer look reveals many changes. Almost every chapter includes a discussion about how features differ in both versions of Apache. The book does a good job of giving an overview of Apache's architectural changes and how the use of multi-processing modules (MPM) allow the admin to choose an optimal implementation of apache. This edition, noticeably bigger than the previous one, contains many more examples of how one can extend apache functionality (configuring for binary distribution, setting up virtual interfaces, load sharing). Many sections have been expanded. The discussion of security and SSL is more detailed, yet more succinct; so is the section on content negotiation, (which is twice as long as the previous book), doing proxy server configurations, rsync and benchmarking performance. The discussion on hardening the server was great and up-to-date, although I wish the book spent more time discussing on patching and upgrading.

What is new to the book? We find a longer discussion of graphic administration tools for Windows and Unix, including webmin (which actually I wanted more of). We also have discussions of newer modules such as mod_ruby, mod_python, mod_dav as well as a brief description on how to install tomcat alongside apache. The discussion of mod_dav was especially helpful and interesting to me (and I was especially glad that the author acknowledged the Subversion DAV module, something which is bound to become more important). The php stuff hasn't changed much (although at the time the book was published, 2.0 compatibility with PHP was still an iffy proposition). The book's discussion of mod_perl isn't significantly different, although it does point out migration issues and some additional features.

Generally, the book is clearly written and contains enough examples to find any configuration you want. A few parts required rereading (especially the part about proxies and proxypasses), and occasionally I needed a better explanation of what the example code was supposed to do.

No book can be everything for everybody, and nobody can accuse the book of not having enough content (it is after all more than 700 pages!). I found myself wishing for other things. The book briefly discussed 2.0's support for ipv6, but I longed for a fuller explanation and a more detailed example (Fortunately, I had seen a good ipv6 tutorial on Linux Journal ). Also, I would have liked more information about other web application servers (like zope that Apache sometimes coexists with, content frameworks (such as cocoon) and other goodies produced by the Apache Foundation. The author might legitimately feel that such subjects lie outside the book's scope, but such topics are becoming more important.

In summary: for newbies who are looking for a guide to start with: this is the definitive book to read. It's definitive and a little imposing, but it is well written and logically arranged.

For people already familiar with Apache 1.3 but looking for more depth about ipv6, php, content frameworks or Tomcat, it might be better to read books on those specific subjects instead of this one. Indeed, Wrox will soon be coming out with a book specifically on Apache and Tomcat.

For experienced system administrators, the material in this book may not be terribly new, but they will still appreciate the variety of configuration examples for managing large numbers of virtual hosts and the convenience of having documentation of the 1.3/2.0 differences at their fingertips.

You can purchase Professional Apache 2.0 from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.